From 1c8401be25e4749a2eee5ddc77ce7c6ac880c910 Mon Sep 17 00:00:00 2001
From: Leah Rowe <leah@libreboot.org>
Date: Thu, 24 Aug 2023 20:19:41 +0100
Subject: much, much stricter, more verbose error handling

lbmk is much more likely to crash now, in error conditions,
which is a boon for further auditing.

also: in "fetch", remove the downloaded program
if fail() was called.

this would also be done for gnulib, when downloading
grub, but done in such a way that gnulib goes first.

where calls to err write "ERROR" in the string, they
no longer say "ERROR" because the "err" function itself
now does that automatically.

also: listmodes/listoptions (in "lbmk") now reports an
error if no scripts and/or directories are found.

also: where a warning is given, but not an error, i've
gone through in some places and redirected the output
to stderr, not stdout

as part of error checks: running anything as root, except
for the "./build dependencies *" commands, is no longer
permitted and lbmk will throw an error

mrc downloads: debugfs output no longer redirected to /dev/null,
and stderr no longer redirected to stdout. everything is verbose.

certain non-error states are also more verbose. for example,
patch_rom in blobs/inject will now state when injection succeeds

certain actual errors(bugs) were fixed:
for example, build/release/roms now correctly prepares the blobs
hash files for a given target, containing only the files and
checksums in the list. Previously, a printf message was included.
Now, with this new code: blobutil/inject rightly verifies hashes.

doing all of this in one giant patch is cleaner
than 100 patches changing each file. even this is yet part
of a much larger audit going on in the Libreboot project.

Signed-off-by: Leah Rowe <leah@libreboot.org>
---
 resources/scripts/build/src/for | 20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)

(limited to 'resources/scripts/build/src')

diff --git a/resources/scripts/build/src/for b/resources/scripts/build/src/for
index 6945b9f9..fd7f84f3 100755
--- a/resources/scripts/build/src/for
+++ b/resources/scripts/build/src/for
@@ -53,24 +53,28 @@ main()
 handle_dependencies()
 {
 	[ -d "${project}" ] || ./fetch "${project%/*}" || \
-	    err "Cannot download project, ${project%/*}"
-	[ -d "${project}" ] || err "Project, ${project%/*}, not downloaded"
+	    err "handle_dependencies: can't fetch ${project%/*}"
+	[ -d "${project}" ] || \
+		err "handle_dependencies: ${project%/*} not downloaded"
 
 	if [ "${project}" = "uefitool" ]; then
 		(
-		cd uefitool || err "cannot cd to uefitool/"
-		cmake UEFIExtract/ || err "cannot cmake UEFIExtract"
+		cd uefitool || err "handle_dependencies: !cd uefitool"
+		cmake UEFIExtract/ || \
+		    err "handle_dependencies: !cmake UEFIExtract/"
 		)
 	fi
 }
 
 run_make_command()
 {
-	[ ! -z "${mode}" ] || \
-		make -C "${project}" || err "'make' failed (${project})"
-	[ -z "${mode}" ] || \
+	if [ -z "${mode}" ]; then
+		make -C "${project}" || \
+		    err "run_make_command: !make -C ${project}"
+	else
 		make -C "${project}" distclean || make -C "${project}" clean \
-		    || err "cannot clean project src, ${project}"
+		    || err "run_make_command: ${project}: make-clean failed"
+	fi
 }
 
 main $@
-- 
cgit v1.2.1