From f9afeb6feb289003359790e820d7e7d918937fea Mon Sep 17 00:00:00 2001 From: Leah Rowe Date: Fri, 11 Aug 2023 14:50:17 +0100 Subject: NEW BOARD: Dell Precision T1650 Very nice ivybridge board that supports ECC RAM. NOTE: I couldn't get onboard graphics working yet, but this was confirmed working with a graphics card (in my case nvidia quadra k420) booted in text mode on the SeaBIOS payload. The GRUB payload also works, when loaded from SeaBIOS. Therefore, this is a SeaBIOS-only board (as far as first payload is concerned), but you can pick GRUB from the menu. You could make it "GRUB-only" in practise by setting SeaBIOS boot order to only load GRUB, and disable the SeaBIOS menu. We refer to this as "SeaGRUB". I've made lbmk use biosutilities and uefiextract, to get at the SMSC SCH5545 Environmental Control (EC) firmware. This firmware is needed for fan control. This is automatically downloaded and extracted, from Dell UEFI firmware updates. As with other blobs such as Intel ME, this firmware is then scrubbed by the release build scripts. The blobutil "inject" script can be used to re-insert it. Of note: there is no fixed offset, but no other blobs to be inserted in CBFS either, so the offset when re-inserting on release ROMs should still be the same, and thus the ROM checksums should match, when running blobutil inject. Signed-off-by: Leah Rowe --- resources/scripts/build/clean/uefitool | 28 ++++++++ resources/scripts/build/dependencies/arch | 5 ++ resources/scripts/build/dependencies/debian | 4 ++ resources/scripts/build/dependencies/fedora38 | 5 ++ resources/scripts/build/dependencies/parabola | 5 ++ resources/scripts/build/dependencies/ubuntu2004 | 4 ++ resources/scripts/build/dependencies/void | 5 ++ resources/scripts/build/module/uefitool | 44 ++++++++++++ resources/scripts/build/release/roms | 9 +++ resources/scripts/build/release/src | 6 +- resources/scripts/update/blobs/download | 91 ++++++++++++++++++++++++- resources/scripts/update/blobs/inject | 22 ++++++ resources/scripts/update/module/biosutilities | 22 ++++++ resources/scripts/update/module/uefitool | 22 ++++++ 14 files changed, 268 insertions(+), 4 deletions(-) create mode 100755 resources/scripts/build/clean/uefitool create mode 100755 resources/scripts/build/module/uefitool create mode 100755 resources/scripts/update/module/biosutilities create mode 100755 resources/scripts/update/module/uefitool (limited to 'resources/scripts') diff --git a/resources/scripts/build/clean/uefitool b/resources/scripts/build/clean/uefitool new file mode 100755 index 00000000..ad8aa56e --- /dev/null +++ b/resources/scripts/build/clean/uefitool @@ -0,0 +1,28 @@ +#!/usr/bin/env sh + +# helper script: run make clean on bios_extract +# +# Copyright (C) 2023 Leah Rowe +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . +# + +[ "x${DEBUG+set}" = 'xset' ] && set -v +set -u -e + +printf "Cleaning the previous build of uefitool (UEFIExtract)\n" + +[ ! -d "uefitool" ] && exit 0 + +make clean -BC uefitool || exit 1 diff --git a/resources/scripts/build/dependencies/arch b/resources/scripts/build/dependencies/arch index 407915e1..92af1a87 100644 --- a/resources/scripts/build/dependencies/arch +++ b/resources/scripts/build/dependencies/arch @@ -94,6 +94,11 @@ pacman -S --needed --noconfirm libpciaccess pciutils zlib libftdi \ pacman -S --needed --noconfirm innoextract p7zip unar +# UEFIExtract +# ------------ + +pacman -S --needed --noconfirm cmake + # U-Boot build dependencies # ------------------------------------------------------------ pacman -S --needed --noconfirm swig dtc diff --git a/resources/scripts/build/dependencies/debian b/resources/scripts/build/dependencies/debian index b9ab42e6..065cb2c7 100755 --- a/resources/scripts/build/dependencies/debian +++ b/resources/scripts/build/dependencies/debian @@ -127,6 +127,10 @@ apt-get -y install libpci-dev pciutils zlib1g-dev libftdi-dev \ # For cross-compiling i686 target on x86_64 host. [ "${arch}" -eq 0 ] && apt-get -y install lib32z1-dev +# UEFIExtract +# ------------ + +apt-get -y install cmake # Blobs building dependencies (for me) # ------------------------------------------------------------ diff --git a/resources/scripts/build/dependencies/fedora38 b/resources/scripts/build/dependencies/fedora38 index 0f852f44..57dd20a3 100755 --- a/resources/scripts/build/dependencies/fedora38 +++ b/resources/scripts/build/dependencies/fedora38 @@ -93,6 +93,11 @@ dnf -y install gcc dnf -y install pciutils-devel zlib-devel libftdi-devel gcc libusb-devel +# UEFIExtract +# ------------ + +dnf -y install cmake + # For extracting IntelME from lenovo updates (X230 etc) dnf -y install innoextract p7zip p7zip-plugins unar diff --git a/resources/scripts/build/dependencies/parabola b/resources/scripts/build/dependencies/parabola index 4e40b175..67a5fe75 100755 --- a/resources/scripts/build/dependencies/parabola +++ b/resources/scripts/build/dependencies/parabola @@ -101,6 +101,11 @@ pacman -S --needed --noconfirm innoextract p7zip unar # ------------------------------------------------------------ pacman -S --needed --noconfirm swig dtc +# UEFIExtract +# ------------ + +pacman -S --needed --noconfirm cmake + # Unifont, for GRUB # ------------------------------------------------------------ diff --git a/resources/scripts/build/dependencies/ubuntu2004 b/resources/scripts/build/dependencies/ubuntu2004 index bacb1e46..8ea5507b 100755 --- a/resources/scripts/build/dependencies/ubuntu2004 +++ b/resources/scripts/build/dependencies/ubuntu2004 @@ -109,6 +109,10 @@ apt-get -y install libpci-dev pciutils zlib1g-dev libftdi-dev \ # For cross-compiling i686 target on x86_64 host. [ "${arch}" -eq 0 ] && apt-get -y install lib32z1-dev +# UEFIExtract +# ------------ + +apt-get -y install cmake # Blobs building dependencies (for me) # ------------------------------------------------------------ diff --git a/resources/scripts/build/dependencies/void b/resources/scripts/build/dependencies/void index 7ceaafde..96263f9c 100755 --- a/resources/scripts/build/dependencies/void +++ b/resources/scripts/build/dependencies/void @@ -85,6 +85,11 @@ xbps-install -y base-devel xbps-install -y libpciaccess pciutils zlib libftdi1 base-devel libusb +# UEFIExtract +# ------------ + +xbps-install -y cmake + # Management engine extraction dependencies # ------------------------------------------------------------ diff --git a/resources/scripts/build/module/uefitool b/resources/scripts/build/module/uefitool new file mode 100755 index 00000000..6adf1de2 --- /dev/null +++ b/resources/scripts/build/module/uefitool @@ -0,0 +1,44 @@ +#!/usr/bin/env sh + +# helper script: builds bios_extract source code +# +# Copyright (C) 2023 Leah Rowe +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . +# + +[ "x${DEBUG+set}" = 'xset' ] && set -v +set -u -e + +main() +{ + if [ ! -d "uefitool" ]; then + ./download uefitool || fail "cannot download uefitool" + fi + + printf "Building uefitool (UEFIExtract)\n" + + ( + cd uefitool || fail "uefitool not downloaded" + cmake UEFIExtract/ || fail "cannot cmake UEFIExtract" + make || fail "error compiling UEFIExtract" + ) +} + +fail() +{ + printf "(uefitool build) %s\n" $1 1>&2 +} + +main $@ diff --git a/resources/scripts/build/release/roms b/resources/scripts/build/release/roms index d81ec09a..c60070ec 100755 --- a/resources/scripts/build/release/roms +++ b/resources/scripts/build/release/roms @@ -29,6 +29,7 @@ target="" CONFIG_HAVE_MRC="" CONFIG_HAVE_ME_BIN="" CONFIG_KBC1126_FIRMWARE="" +CONFIG_INCLUDE_SMSC_SCH5545_EC_FW="" ifdtool="cbutils/${cbtree}/ifdtool" cbfstool="cbutils/${cbtree}/cbfstool" @@ -76,6 +77,7 @@ make_archive() CONFIG_HAVE_MRC="y" CONFIG_HAVE_ME_BIN="y" CONFIG_KBC1126_FIRMWARE="y" + CONFIG_INCLUDE_SMSC_SCH5545_EC_FW="y" grep "CONFIG_HAVE_ME_BIN=y" \ "resources/coreboot/${target}/config/"* \ || CONFIG_HAVE_ME_BIN="n" @@ -85,6 +87,9 @@ make_archive() grep "CONFIG_KBC1126_FIRMWARE=y" \ "resources/coreboot/${target}/config"/* \ || CONFIG_KBC1126_FIRMWARE="n" + grep "CONFIG_INCLUDE_SMSC_SCH5545_EC_FW=y" \ + "resources/coreboot/${target}/config"/* \ + || CONFIG_INCLUDE_SMSC_SCH5545_EC_FW="n" # remove ME/MRC/EC firmware from ROM images if [ "${CONFIG_HAVE_ME_BIN}" = "y" ] \ @@ -163,6 +168,10 @@ strip_rom_image() ${cbfstool} "${romfile}" remove -n ecfw2.bin || exit 1 fi + if [ "${CONFIG_INCLUDE_SMSC_SCH5545_EC_FW}" = "y" ]; then + ${cbfstool} "${romfile}" remove -n sch5545_ecfw.bin || exit 1 + fi + # TODO: replace this board-specific hack if [ "${target}" = "e6400nvidia_4mb" ]; then ${cbfstool} "${romfile}" remove \ diff --git a/resources/scripts/build/release/src b/resources/scripts/build/release/src index 7a2f94d7..0e3237ab 100755 --- a/resources/scripts/build/release/src +++ b/resources/scripts/build/release/src @@ -24,7 +24,7 @@ set -u -e projectname="$(cat projectname)" modlist="coreboot flashrom grub memtest86plus seabios me_cleaner u-boot" -modlist="${modlist} bios_extract" +modlist="${modlist} bios_extract biosutilities uefitool" dirlist="resources util" # do not add blobs directory here. it's handled below @@ -104,8 +104,8 @@ copy_blobs() mkdir -p "${srcdir}"/blobs # do not copy intel ME etc, but do copy ifd/gbe files for i in t440p xx20 xx30 hp8200sff hp_ivybridge hp_sandybridge \ - hp8300usdt; do - for j in ifd gbe 16_ifd; do + hp8300usdt t1650; do + for j in ifd gbe 4_ifd 8_ifd 12_ifd 16_ifd; do if [ -f "blobs/${i}/${j}.bin" ]; then if [ ! -e "${srcdir}/blobs/${i}" ]; then mkdir -p "${srcdir}/blobs/${i}" diff --git a/resources/scripts/update/blobs/download b/resources/scripts/update/blobs/download index 9beacab8..9fd2a6b9 100755 --- a/resources/scripts/update/blobs/download +++ b/resources/scripts/update/blobs/download @@ -19,6 +19,9 @@ e6400_vga_dl_url="" e6400_vga_dl_url_bkup="" e6400_vga_offset="" e6400_vga_romname="" +sch5545ec_dl_url="" +sch5545ec_dl_url_bkup="" +sch5545ec_dl_hash="" cbdir="coreboot/default" cbcfgsdir="resources/coreboot" @@ -31,6 +34,8 @@ e6400_unpack="$(pwd)/bios_extract/dell_inspiron_1100_unpacker.py" me7updateparser="$(pwd)/resources/blobs/me7_update_parser.py" kbc1126_ec_dump="$(pwd)/${cbdir}/util/kbc1126/kbc1126_ec_dump" board="" +pfs_extract="$(pwd)/biosutilities/Dell_PFS_Extract.py" +uefiextract="$(pwd)/uefitool/uefiextract" _b="" # board shorthand without e.g. _4mb (avoid duplication per flash size) CONFIG_HAVE_MRC="" @@ -40,6 +45,8 @@ CONFIG_HAVE_GBE_BIN="" CONFIG_KBC1126_FIRMWARE="" CONFIG_BOARD_DELL_E6400="" CONFIG_VGA_BIOS_FILE="" +CONFIG_INCLUDE_SMSC_SCH5545_EC_FW="" +CONFIG_SMSC_SCH5545_EC_FW_FILE="" main() { @@ -92,11 +99,15 @@ detect_firmware() && [ "${CONFIG_VGA_BIOS_FILE}" != "" ]; then needs="${needs} E6400VGA" fi + if [ "${CONFIG_INCLUDE_SMSC_SCH5545_EC_FW}" = "y" ]; then + needs="${needs} SCH5545EC" + fi if [ -z ${needs+x} ]; then printf 'No binary blobs needed for this board\n' return 1 fi - printf "Firmware needed for board %s: %s\n" ${board} ${needs} + printf "Firmware needed for board '%s':\n" ${board} + printf "%s\n" ${needs} } scan_sources_config() @@ -152,6 +163,18 @@ scan_sources_config() set ${line} e6400_vga_romname=${2} ;; + SCH5545EC_DL_hash*) + set ${line} + sch5545ec_dl_hash=${2} + ;; + SCH5545EC_DL_url_bkup*) + set ${line} + sch5545ec_dl_url_bkup=${2} + ;; + SCH5545EC_DL_url*) + set ${line} + sch5545ec_dl_url=${2} + ;; esac done << EOF $(eval "awk '${awkstr}' resources/blobs/sources") @@ -174,6 +197,20 @@ build_dependencies() ./download bios_extract \ || fail "could not download bios_extract" fi + if [ ! -d biosutilities ]; then + printf "downloading biosutilities\n" + ./download biosutilities \ + || fail "could not download biosutilities" + fi + if [ ! -d uefitool ]; then + printf "download uefitool (for UEFIExtract)\n" + ./download uefitool \ + || fail "could not download uefitool" + fi + if [ ! -f uefitool/uefiextract ]; then + ./build module uefitool \ + || fail "could not build uefitool" + fi if [ ! -f ${cbdir}/util/kbc1126/kbc1126_ec_dump ]; then printf "Building kbc1126_ec_dump from coreboot\n" make -BC ${cbdir}/util/kbc1126 \ @@ -193,6 +230,9 @@ download_blobs() *ME*) download_blob_intel_me || _failed="${_failed} me" ;; + *SCH5545EC*) + download_sch5545ec || failed="${_failed} sch5545ec" + ;; *EC*) download_ec || _failed="${_failed} ec" ;; @@ -420,6 +460,51 @@ extract_e6400vga() printf "E6400 Nvidia ROM saved to: %s\n" "${_vga_destination}" } +download_sch5545ec() +{ + printf "Downloading SMSC SCH5545 Environment Controller firmware\n" + + fetch_update sch5545ec || return 1 + extract_sch5545ec || return 1 +} + +# TODO: this code is cancer. hardcoded is bad, and stupid. +# TODO: make it *scan* (based on signature, in each file) +extract_sch5545ec() +{ + printf "Extracting SCH5545 Environment Controller firmware for '%s'\n" \ + ${board} + + _sch5545ec_destination=${CONFIG_SMSC_SCH5545_EC_FW_FILE#../../} + + if [ -f "${_sch5545ec_destination}" ]; then + printf 'sch5545 firmware already downloaded\n' + return 0 + fi + + if [ -d "${appdir}" ]; then + rm -Rf "${appdir}" + fi + mkdir -p "${appdir}/" + + cp "${dl_path}" "${appdir}/" + python "${pfs_extract}" "${appdir}/${dlsum}" -e || exit 1 + + # full system ROM (UEFI), to extract with UEFIExtract: + _bios="${appdir}/${dlsum}_extracted/Firmware" + _bios="${_bios}/1 ${dlsum} -- 1 System BIOS vA.28.bin" + + # this is the SCH5545 firmware, inside of the extracted UEFI ROM: + _sch5545ec_fw="${_bios}.dump/4 7A9354D9-0468-444A-81CE-0BF617D890DF" + _sch5545ec_fw="${_sch5545ec_fw}/54 D386BEB8-4B54-4E69-94F5-06091F67E0D3" + _sch5545ec_fw="${_sch5545ec_fw}/0 Raw section/body.bin" # <-- this! + + # this makes the file defined by _sch5545ec_fw available to copy + "${uefiextract}" "${_bios}" || exit 1 + + cp "${_sch5545ec_fw}" "${_sch5545ec_destination}" || exit 1 +} + fetch_update() { printf "Fetching vendor update for board: %s\n" ${board} @@ -440,6 +525,10 @@ fetch_update() dl=${e6400_vga_dl_url} dl_bkup=${e6400_vga_dl_url_bkup} dlsum=${e6400_vga_dl_hash} + elif [ "${fw_type}" = "sch5545ec" ]; then + dl="${sch5545ec_dl_url}" + dl_bkup="${sch5545ec_dl_url_bkup}" + dlsum="${sch5545ec_dl_hash}" else printf "Unsupported download type: %s\n" ${fw_type} return 1 diff --git a/resources/scripts/update/blobs/inject b/resources/scripts/update/blobs/inject index bc8a9a4d..97cb35a6 100755 --- a/resources/scripts/update/blobs/inject +++ b/resources/scripts/update/blobs/inject @@ -34,6 +34,8 @@ CONFIG_KBC1126_FW2_OFFSET="" CONFIG_VGA_BIOS_FILE="" CONFIG_VGA_BIOS_ID="" CONFIG_GBE_BIN_PATH="" +CONFIG_INCLUDE_SMSC_SCH5545_EC_FW="" +CONFIG_SMSC_SCH5545_EC_FW_FILE="" main() { @@ -217,6 +219,11 @@ patch_rom() inject_blob_dell_e6400_vgarom_nvidia fi + if [ "${CONFIG_INCLUDE_SMSC_SCH5545_EC_FW}" = "y" ] \ + && [ "${CONFIG_SMSC_SCH5545_EC_FW_FILE}" != "" ]; then + inject_blob_smsc_sch5545_ec "${rom}" + fi + if [ "${modifygbe}" = "true" ] && ! [ "${release}" = "true" ]; then modify_gbe ${rom} fi @@ -325,6 +332,21 @@ inject_blob_dell_e6400_vgarom_nvidia() -t optionrom || exit 1 } +inject_blob_smsc_sch5545_ec() +{ + rom="${1}" + + _sch5545ec_location="${CONFIG_SMSC_SCH5545_EC_FW_FILE#../../}" + + if [ ! -f "${_sch5545ec_location}" ]; then + printf "SCH5545 firmware file missing\n" 1>&2 + exit 1 + fi + + "${cbfstool}" "${rom}" add -f "${_sch5545ec_location}" \ + -n sch5545_ecfw.bin -t raw || exit 1 +} + modify_gbe() { printf "changing mac address in gbe to ${new_mac}\n" diff --git a/resources/scripts/update/module/biosutilities b/resources/scripts/update/module/biosutilities new file mode 100755 index 00000000..c6de36b1 --- /dev/null +++ b/resources/scripts/update/module/biosutilities @@ -0,0 +1,22 @@ +#!/usr/bin/env sh +# +# Copyright (C) 2023 Leah Rowe +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . +# + +[ "x${DEBUG+set}" = 'xset' ] && set -v +set -u -e + +./gitclone biosutilities diff --git a/resources/scripts/update/module/uefitool b/resources/scripts/update/module/uefitool new file mode 100755 index 00000000..cd376895 --- /dev/null +++ b/resources/scripts/update/module/uefitool @@ -0,0 +1,22 @@ +#!/usr/bin/env sh +# +# Copyright (C) 2023 Leah Rowe +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . +# + +[ "x${DEBUG+set}" = 'xset' ] && set -v +set -u -e + +./gitclone uefitool -- cgit v1.2.1