From 1c8401be25e4749a2eee5ddc77ce7c6ac880c910 Mon Sep 17 00:00:00 2001 From: Leah Rowe Date: Thu, 24 Aug 2023 20:19:41 +0100 Subject: much, much stricter, more verbose error handling lbmk is much more likely to crash now, in error conditions, which is a boon for further auditing. also: in "fetch", remove the downloaded program if fail() was called. this would also be done for gnulib, when downloading grub, but done in such a way that gnulib goes first. where calls to err write "ERROR" in the string, they no longer say "ERROR" because the "err" function itself now does that automatically. also: listmodes/listoptions (in "lbmk") now reports an error if no scripts and/or directories are found. also: where a warning is given, but not an error, i've gone through in some places and redirected the output to stderr, not stdout as part of error checks: running anything as root, except for the "./build dependencies *" commands, is no longer permitted and lbmk will throw an error mrc downloads: debugfs output no longer redirected to /dev/null, and stderr no longer redirected to stdout. everything is verbose. certain non-error states are also more verbose. for example, patch_rom in blobs/inject will now state when injection succeeds certain actual errors(bugs) were fixed: for example, build/release/roms now correctly prepares the blobs hash files for a given target, containing only the files and checksums in the list. Previously, a printf message was included. Now, with this new code: blobutil/inject rightly verifies hashes. doing all of this in one giant patch is cleaner than 100 patches changing each file. even this is yet part of a much larger audit going on in the Libreboot project. Signed-off-by: Leah Rowe --- resources/scripts/update/blobs/mrc | 49 +++++++++++++++++++++++++------------- 1 file changed, 32 insertions(+), 17 deletions(-) (limited to 'resources/scripts/update/blobs/mrc') diff --git a/resources/scripts/update/blobs/mrc b/resources/scripts/update/blobs/mrc index 57cbede6..74899990 100755 --- a/resources/scripts/update/blobs/mrc +++ b/resources/scripts/update/blobs/mrc @@ -72,23 +72,23 @@ check_existing() build_dependencies() { [ -d "${cbdir}/" ] || ./fetch_trees coreboot default || \ - err "cannot fetch coreboot/default" + err "build_dependencies: cannot fetch coreboot/default" ./build coreboot utils default || \ - err "cannot build cbutils/default" + err "build_dependencies: cannot build cbutils/default" } fetch_mrc() { - mkdir -p mrc/haswell/ || err "cannot mkdir mrc/haswell" + mkdir -p mrc/haswell/ || err "fetch_mrc: !mkdir mrc/haswell" ( - cd mrc/haswell/ + cd mrc/haswell/ || err "fetch_mrc: !cd mrc/haswell" download_image ${_url} ${_file} ${_sha1sum} [ -f ${_file} ] || \ download_image ${_url2} ${_file} ${_sha1sum} [ -f $_file ] || \ - err "%{_file} not downloaded / verification failed." + err "fetch_mrc: ${_file} not downloaded / verification failed." extract_partition ROOT-A ${_file} root-a.ext2 extract_shellball root-a.ext2 chromeos-firmwareupdate-${_board} @@ -96,9 +96,9 @@ fetch_mrc() extract_coreboot chromeos-firmwareupdate-${_board} ../../${cbfstool} coreboot-*.bin extract -f mrc.bin -n mrc.bin \ - -r RO_SECTION || err "Could not fetch mrc.bin" + -r RO_SECTION || err "fetch_mrc: could not fetch mrc.bin" rm -f "chromeos-firmwareupdate-${_board}" coreboot-*.bin \ - "${_file}" "root-a.ext2" + "${_file}" "root-a.ext2" || err "fetch_mrc: cannot remove files" printf "\n\nmrc.bin saved to ${_mrc_complete}\n\n" ) @@ -111,16 +111,16 @@ download_image() _sha1sum=${3} printf "Downloading recovery image\n" - curl "$url" > "$_file.zip" + curl "$url" > "$_file.zip" || err "download_image: curl failed" printf "Verifying recovery image checksum\n" if [ "$(sha1sum ${_file}.zip | awk '{print $1}')" = "${_sha1sum}" ] then - unzip -q "${_file}.zip" - rm "${_file}.zip" + unzip -q "${_file}.zip" || err "download_image: cannot unzip" + rm -f "${_file}.zip" || err "download_image: can't rm zip {1}" return 0 fi - rm "${_file}.zip" - err "Bad checksum. Recovery image deleted" + rm -f "${_file}.zip" || err "download_image: bad hash, and can't rm zip" + err "download_image: Bad checksum. Recovery image deleted" } extract_partition() @@ -138,7 +138,8 @@ extract_partition() SIZE=$(( $( echo ${ROOTP} | cut -f4 -d\ | tr -d "B" ) )) dd if=${FILE} of=${ROOTFS} bs=${_bs} skip=$(( ${START} / ${_bs} )) \ - count=$(( ${SIZE} / ${_bs} )) > /dev/null + count=$(( ${SIZE} / ${_bs} )) || \ + err "extract_partition: can't extract root file system" } extract_shellball() @@ -148,7 +149,7 @@ extract_shellball() printf "Extracting chromeos-firmwareupdate\n" printf "cd /usr/sbin\ndump chromeos-firmwareupdate ${SHELLBALL}\nquit" \ - | debugfs ${ROOTFS} > /dev/null 2>&1 + | debugfs ${ROOTFS} || err "extract_shellball: debugfs" } extract_coreboot() @@ -157,13 +158,27 @@ extract_coreboot() _unpacked=$( mktemp -d ) printf "Extracting coreboot image\n" - sh ${_shellball} --unpack ${_unpacked} > /dev/null + + [ -f "${_shellball}" ] || \ + err "extract_coreboot: shellball missing in google peppy image" + + sh ${_shellball} --unpack ${_unpacked} || \ + err "extract_coreboot: shellball exits with non-zero status" + + # TODO: audit the f* out of that shellball, for each mrc version. + # it has to be updated for each mrc update. we should ideally + # implement the functionality ourselves. + + [ -f "${_unpacked}/VERSION" ] || \ + err "extract_coreboot: VERSION file missing on google coreboot rom" _version=$( cat ${_unpacked}/VERSION | grep BIOS\ version: | \ cut -f2 -d: | tr -d \ ) - cp ${_unpacked}/bios.bin coreboot-${_version}.bin - rm -r "${_unpacked}" + cp ${_unpacked}/bios.bin coreboot-${_version}.bin || \ + err "extract_coreboot: cannot copy google peppy rom" + rm -Rf "${_unpacked}" || \ + err "extract_coreboot: cannot remove extracted google peppy archive" } main $@ -- cgit v1.2.1