From 62cc895c3c293011c256bb8c45cc4c07797cbf36 Mon Sep 17 00:00:00 2001 From: Leah Rowe Date: Sat, 7 Oct 2023 00:57:55 +0100 Subject: rename blob/ to vendor/ in the future, we may start downloading files that aren't blobs, such as mxm port configs (on mainboards that use MXM graphics) this directory will contain all of those files generally change the language used, across lbmk, to make use of "vendorfile" instead of "blob" Signed-off-by: Leah Rowe --- script/update/blobs/download | 170 ----------------------- script/update/blobs/inject | 314 ----------------------------------------- script/update/project/build | 2 +- script/update/release/roms | 8 +- script/update/vendor/download | 170 +++++++++++++++++++++++ script/update/vendor/inject | 316 ++++++++++++++++++++++++++++++++++++++++++ 6 files changed, 491 insertions(+), 489 deletions(-) delete mode 100755 script/update/blobs/download delete mode 100755 script/update/blobs/inject create mode 100755 script/update/vendor/download create mode 100755 script/update/vendor/inject (limited to 'script/update') diff --git a/script/update/blobs/download b/script/update/blobs/download deleted file mode 100755 index a1000423..00000000 --- a/script/update/blobs/download +++ /dev/null @@ -1,170 +0,0 @@ -#!/usr/bin/env sh -# SPDX-License-Identifier: GPL-3.0-only -# SPDX-FileCopyrightText: 2022 Caleb La Grange -# SPDX-FileCopyrightText: 2022 Ferass El Hafidi -# SPDX-FileCopyrightText: 2023 Leah Rowe - -. "include/err.sh" -. "include/blobutil.sh" -. "include/mrc.sh" -. "include/option.sh" - -export PATH="${PATH}:/sbin" - -main() -{ - [ $# -gt 0 ] || err "No argument given" - board="${1}" - boarddir="${cbcfgsdir}/${board}" - _b="${board%%_*mb}" # shorthand (avoid duplicating config per rom size) - - check_defconfig "${boarddir}" || exit 0 - detect_firmware && exit 0 - scan_config "${_b}" "config/blobs" "err" - - build_dependencies - download_blobs -} - -detect_firmware() -{ - set -- "${boarddir}/config/"* - . "${1}" 2>/dev/null - - for c in CONFIG_HAVE_MRC CONFIG_HAVE_ME_BIN CONFIG_KBC1126_FIRMWARE \ - CONFIG_VGA_BIOS_FILE CONFIG_INCLUDE_SMSC_SCH5545_EC_FW; do - eval "[ -z \"\${${c}}\" ] || return 1" - done - printf "Blobs not needed for: %s\n" "${board}" 1>&2 -} - -build_dependencies() -{ - [ -d ${cbdir} ] || \ - x_ ./update project trees coreboot ${cbdir##*/} - for d in uefitool biosutilities bios_extract me_cleaner; do - [ -d "src/${d}" ] && continue - x_ ./update project repo "${d}" - done - [ -f "${uefiextract}" ] || \ - x_ ./update project build -b uefitool - [ -f "${kbc1126_ec_dump}" ] || \ - x_ make -C "${cbdir}/util/kbc1126" - x_ ./build coreboot utils default -} - -download_blobs() -{ - [ -z "${CONFIG_HAVE_ME_BIN}" ] || \ - fetch "intel_me" "${DL_url}" "${DL_url_bkup}" "${DL_hash}" \ - "${CONFIG_ME_BIN_PATH}" - [ -z "${CONFIG_INCLUDE_SMSC_SCH5545_EC_FW}" ] || \ - fetch "sch5545ec" "${SCH5545EC_DL_url}" \ - "${SCH5545EC_DL_url_bkup}" "${SCH5545EC_DL_hash}" \ - "${CONFIG_SMSC_SCH5545_EC_FW_FILE}" - [ -z "${CONFIG_KBC1126_FIRMWARE}" ] || \ - fetch "kbc1126ec" "${EC_url}" "${EC_url_bkup}" "${EC_hash}" \ - "${CONFIG_KBC1126_FW1}" - [ -z "${CONFIG_VGA_BIOS_FILE}" ] || \ - fetch "e6400vga" "${E6400_VGA_DL_url}" \ - "${E6400_VGA_DL_url_bkup}" "${E6400_VGA_DL_hash}" \ - "${CONFIG_VGA_BIOS_FILE}" - [ -z "${CONFIG_HAVE_MRC}" ] && return 0 - fetch "mrc" "${MRC_url}" "${MRC_url_bkup}" "${MRC_hash}" \ - "${CONFIG_MRC_FILE}" -} - -extract_intel_me() -{ - _me="${PWD}/${_dest}" # must always be an absolute path - cdir="${PWD}/${appdir}" # must always be an absolute path - [ $# -gt 0 ] && _me="${1}" - [ $# -gt 0 ] && cdir="${2}" - [ -f "${_me}" ] && return 0 - - sdir="$(mktemp -d)" - mkdir -p "${sdir}" || err "extract_intel_me: !mkdir -p \"${sdir}\"" - ( - cd "${cdir}" || err "extract_intel_me: !cd \"${cdir}\"" - for i in *; do - [ -f "${_me}" ] && break - [ -L "${i}" ] && continue - if [ -f "${i}" ]; then - "${mecleaner}" -r -t -O "${sdir}/vendorfile" \ - -M "${_me}" "${i}" && break - "${mecleaner}" -r -t -O "${_me}" "${i}" && break - "${me7updateparser}" -O "${_me}" "${i}" && break - _7ztest="${_7ztest}a" - extract_archive "${i}" "${_7ztest}" || continue - extract_intel_me "${_me}" "${cdir}/${_7ztest}" - elif [ -d "$i" ]; then - extract_intel_me "${_me}" "${cdir}/${i}" - else - continue - fi - cdir="${1}" - cd "${cdir}" - done - ) - rm -Rf "${sdir}" || err "extract_intel_me: !rm -Rf ${sdir}" -} - -extract_kbc1126ec() -{ - ( - x_ cd "${appdir}/" - mv Rompaq/68*.BIN ec.bin || : - if [ ! -f ec.bin ]; then - unar -D ROM.CAB Rom.bin || unar -D Rom.CAB Rom.bin || \ - x_ unar -D 68*.CAB Rom.bin - x_ mv Rom.bin ec.bin - fi - [ -f ec.bin ] || err "extract_kbc1126_ec ${board}: can't extract" - "${kbc1126_ec_dump}" ec.bin || \ - err "extract_kbc1126_ec ${board}: can't extract ecfw1/2.bin" - ) - ec_ex="y" - for i in 1 2; do - [ -f "${appdir}/ec.bin.fw${i}" ] || ec_ex="n" - done - [ "${ec_ex}" = "y" ] || \ - err "extract_kbc1126_ec ${board}: didn't extract ecfw1/2.bin" - x_ cp "${appdir}/"ec.bin.fw* "${_dest%/*}/" -} - -extract_e6400vga() -{ - [ "${E6400_VGA_offset}" = "" ] && \ - err "extract_e6400vga: E6400 VGA offset not defined" - [ "${E6400_VGA_romname}" = "" ] && \ - err "extract_e6400vga: E6400 VGA ROM name not defined" - tail -c +${E6400_VGA_offset} "${_dl}" | \ - gunzip >"${appdir}/bios.bin" || : - ( - x_ cd "${appdir}" - [ -f "bios.bin" ] || err "extract_e6400vga: can't extract bios.bin" - "${e6400_unpack}" bios.bin || printf "TODO: fix dell extract util\n" - [ -f "${E6400_VGA_romname}" ] || \ - err "extract_e6400vga: can't extract vga rom from bios.bin" - ) - x_ cp "${appdir}/${E6400_VGA_romname}" "${_dest}" -} - -extract_sch5545ec() -{ - # full system ROM (UEFI), to extract with UEFIExtract: - _bios="${_dl}_extracted/Firmware" - _bios="${_bios}/1 ${dlsum} -- 1 System BIOS vA.28.bin" - # this is the SCH5545 firmware, inside of the extracted UEFI ROM: - _sch5545ec_fw="${_bios}.dump/4 7A9354D9-0468-444A-81CE-0BF617D890DF" - _sch5545ec_fw="${_sch5545ec_fw}/54 D386BEB8-4B54-4E69-94F5-06091F67E0D3" - _sch5545ec_fw="${_sch5545ec_fw}/0 Raw section/body.bin" # <-- this! - - # this makes the file defined by _sch5545ec_fw available to copy - "${uefiextract}" "${_bios}" || \ - err "extract_sch5545ec: cannot extract from uefi image" - cp "${_sch5545ec_fw}" "${_dest}" || \ - err "extract_sch5545ec: cannot copy sch5545ec firmware file" -} - -main $@ diff --git a/script/update/blobs/inject b/script/update/blobs/inject deleted file mode 100755 index d778fe78..00000000 --- a/script/update/blobs/inject +++ /dev/null @@ -1,314 +0,0 @@ -#!/usr/bin/env sh -# SPDX-License-Identifier: GPL-3.0-only -# SPDX-FileCopyrightText: 2022 Caleb La Grange -# SPDX-FileCopyrightText: 2022 Ferass El Hafidi -# SPDX-FileCopyrightText: 2023 Leah Rowe - -. "include/err.sh" -. "include/blobutil.sh" -. "include/option.sh" - -release_archive="n" - -main() -{ - [ $# -lt 1 ] && err "No options specified." - [ "${1}" = "listboards" ] && \ - listitems config/coreboot && exit 0 - - archive="${1}" - - while getopts r:b:m: option - do - case "${option}" in - r) rom=${OPTARG} ;; - b) board=${OPTARG} ;; - m) modifygbe=true - new_mac=${OPTARG} ;; - esac - done - - check_board - build_dependencies - inject_blobs - - printf "Friendly reminder (this is *not* an error message):\n" - printf "Please always ensure that the files were inserted correctly.\n" -} - -check_board() -{ - if ! check_release "${archive}" ; then - [ -f "${rom}" ] || \ - err "check_board: \"${rom}\" is not a valid path" - [ -z ${rom+x} ] && \ - err "check_board: no rom specified" - [ ! -z ${board+x} ] || \ - board=$(detect_board "${rom}") - else - release=true - releasearchive="${archive}" - board=$(detect_board "${archive}") - fi - - boarddir="${cbcfgsdir}/${board}" - [ -d "${boarddir}" ] && return 0 - err "check_board: board ${board} not found" -} - -check_release() -{ - [ -f "${archive}" ] || return 1 - [ "${archive##*.}" = "xz" ] || return 1 - printf "%s\n" "Release archive ${archive} detected" -} - -# This function tries to determine the board from the filename of the rom. -# It will only succeed if the filename is not changed from the build/download -detect_board() -{ - path="${1}" - filename=$(basename ${path}) - case ${filename} in - grub_*) - board=$(echo "${filename}" | cut -d '_' -f2-3) ;; - seabios_withgrub_*) - board=$(echo "${filename}" | cut -d '_' -f3-4) ;; - *.tar.xz) - _stripped_prefix=${filename#*_} - board="${_stripped_prefix%.tar.xz}" ;; - *) - err "detect_board: could not detect board type" - esac - [ -d "${boarddir}/" ] || \ - err "detect_board: dir, ${boarddir}, doesn't exist" - printf "%s\n" "${board}" -} - -build_dependencies() -{ - [ -d "${cbdir}" ] || x_ ./update project trees coreboot default - x_ ./build coreboot utils default - x_ ./update blobs download ${board} -} - -inject_blobs() -{ - release_archive="n" - [ "${release}" != "true" ] && x_ patch_rom "${rom}" && return 0 - printf "patching release file\n" - release_archive="y" - patch_release_roms -} - -patch_release_roms() -{ - _tmpdir="tmp/romdir" - x_ rm -Rf "${_tmpdir}" - x_ mkdir -p "${_tmpdir}" - x_ tar -xf "${releasearchive}" -C "${_tmpdir}" - - for x in "${_tmpdir}"/bin/*/*.rom ; do - printf "patching rom: %s\n" "$x" - x_ patch_rom "${x}" - done - for x in "${_tmpdir}"/bin/*/*_nomicrocode.rom ; do - [ -f "${x}" ] || continue - [ -f "${x%_nomicrocode.rom}.rom" ] || continue - - x_ cp "${x%_nomicrocode.rom}.rom" "${x}" - x_ "${cbfstool}" "${x}" remove -n cpu_microcode_blob.bin - done - - ( - x_ cd "${_tmpdir}/bin/"* - - # NOTE: For compatibility with older rom releases, defer to sha1 - sha512sum --status -c blobhashes || \ - sha1sum --status -c blobhashes || \ - err "patch_release_roms: ROMs did not match expected hashes" - ) - - if [ "${modifygbe}" = "true" ]; then - for x in "${_tmpdir}"/bin/*/*.rom ; do - modify_gbe "${x}" - done - fi - - [ -d bin/release ] || x_ mkdir -p bin/release - x_ mv "${_tmpdir}"/bin/* bin/release/ - - printf "Success! Your ROMs are in bin/release\n" - - x_ rm -Rf "${_tmpdir}" -} - -patch_rom() -{ - rom="${1}" - - # we don't process no-microcode roms; these are - # instead re-created at the end, after re-inserting - # on roms with microcode, by copying and then removing, - # so that the hashes will match (otherwise, cbfstool - # may sometimes insert certain blobs at the wrong offset) - # (unless nomicrocode is the only config provided) - [ "${rom}" != "${rom%_nomicrocode.rom}.rom" ] && \ - [ -f "${rom%_nomicrocode.rom}.rom" ] && \ - [ "${release_archive}" = "y" ] && return 0 - - x_ check_defconfig "${boarddir}" - - set -- "${boarddir}/config/"* - . "${1}" 2>/dev/null - - [ "$CONFIG_HAVE_MRC" = "y" ] && \ - inject_blob_intel_mrc "${rom}" - [ "${CONFIG_HAVE_ME_BIN}" = "y" ] && \ - inject_blob_intel_me "${rom}" - [ "${CONFIG_KBC1126_FIRMWARE}" = "y" ] && \ - inject_blob_hp_kbc1126_ec "${rom}" - [ "${CONFIG_VGA_BIOS_FILE}" != "" ] && \ - [ "${CONFIG_VGA_BIOS_ID}" != "" ] && \ - inject_blob_dell_e6400_vgarom_nvidia "${rom}" - [ "${CONFIG_INCLUDE_SMSC_SCH5545_EC_FW}" = "y" ] && \ - [ "${CONFIG_SMSC_SCH5545_EC_FW_FILE}" != "" ] && \ - inject_blob_smsc_sch5545_ec "${rom}" - [ "${modifygbe}" = "true" ] && ! [ "${release}" = "true" ] && \ - modify_gbe "${rom}" - - printf "ROM image successfully patched: %s\n" "${rom}" -} - -inject_blob_intel_mrc() -{ - rom="${1}" - - printf "adding mrc\n" - - # mrc.bin must be inserted at a specific offset - - # in cbfstool, -b values above 0x80000000 are interpreted as - # top-aligned x86 memory locations. this is converted into an - # absolute offset within the flash, and inserted accordingly - # at that offset into the ROM image file - - # coreboot's own build system hardcodes the mrc.bin offset - # because there is only one correct location in memory, but - # it would be useful for us if it could be easily scanned - # from Kconfig, with the option to change it where in practise - # it is not changed - - # the hardcoded offset below is based upon reading of the coreboot - # source code, and it is *always* correct for haswell platform. - # TODO: this logic should be tweaked to handle more platforms - - x_ "${cbfstool}" "${rom}" add -f mrc/haswell/mrc.bin -n mrc.bin \ - -t mrc -b 0xfffa0000 -} - -inject_blob_intel_me() -{ - printf "adding intel me firmware\n" - - rom="${1}" - [ -z ${CONFIG_ME_BIN_PATH} ] && \ - err "inject_blob_intel_me: CONFIG_ME_BIN_PATH not set" - - _me_location=${CONFIG_ME_BIN_PATH##*../} - [ ! -f "${_me_location}" ] && \ - err "inject_blob_intel_me: per CONFIG_ME_BIN_PATH: file missing" - - x_ "${ifdtool}" -i me:"${_me_location}" "${rom}" -O "${rom}" -} - -inject_blob_hp_kbc1126_ec() -{ - rom="${1}" - - _ec1_location="${CONFIG_KBC1126_FW1##*../}" - _ec1_offset="${CONFIG_KBC1126_FW1_OFFSET}" - _ec2_location="${CONFIG_KBC1126_FW2##*../}" - _ec2_offset="${CONFIG_KBC1126_FW2_OFFSET}" - - printf "adding hp kbc1126 ec firmware\n" - - if [ "${_ec1_offset}" = "" ] || [ "${_ec1_offset}" = "" ]; then - err "inject_blob_hp_kbc1126_ec: ${board}: offset not declared" - elif [ "${_ec1_location}" = "" ] || [ "${_ec2_location}" = "" ]; then - err "inject_blob_hp_kbc1126_ec: ${board}: EC path not declared" - elif [ ! -f "${_ec1_location}" ] || [ ! -f "${_ec2_location}" ]; then - err "inject_blob_hp_kbc1126_ec: ${board}: ecfw not downloaded" - fi - - x_ "${cbfstool}" "${rom}" add -f "${_ec1_location}" -n ecfw1.bin \ - -b ${_ec1_offset} -t raw - x_ "${cbfstool}" "${rom}" add -f "${_ec2_location}" -n ecfw2.bin \ - -b ${_ec2_offset} -t raw -} - -inject_blob_dell_e6400_vgarom_nvidia() -{ - rom="${1}" - - _vga_location="${CONFIG_VGA_BIOS_FILE##*../}" - _vga_dir="${_vga_location%/*}" - _vga_filename="${_vga_location##*/}" - - printf "adding pci option rom\n" - - [ "${_vga_dir}" = "${pciromsdir}" ] || \ - err "inject_blob_dell_e6400vga: invalid pcirom dir: ${_vga_dir}" - [ -f "${_vga_location}" ] || \ - err "inject_blob_dell_e6400vga: ${_vga_location} doesn't exist" - - x_ "${cbfstool}" "${rom}" add -f "${_vga_location}" \ - -n "pci${CONFIG_VGA_BIOS_ID}.rom" -t optionrom -} - -inject_blob_smsc_sch5545_ec() -{ - rom="${1}" - _sch5545ec_location="${CONFIG_SMSC_SCH5545_EC_FW_FILE##*../}" - [ -f "${_sch5545ec_location}" ] || \ - err "inject_blob_smsc_sch5545_ec: SCH5545 fw missing" - - x_ "${cbfstool}" "${rom}" add -f "${_sch5545ec_location}" \ - -n sch5545_ecfw.bin -t raw -} - -modify_gbe() -{ - printf "changing mac address in gbe to ${new_mac}\n" - [ -z ${CONFIG_GBE_BIN_PATH} ] && \ - err "modify_gbe: ${board}: CONFIG_GBE_BIN_PATH not set" - - rom="${1}" - _gbe_location=${CONFIG_GBE_BIN_PATH##*../} - [ -f "${_gbe_location}" ] || \ - err "modify_gbe: CONFIG_GBE_BIN_PATH points to missing file" - [ -f "${nvmutil}" ] || \ - x_ make -C util/nvmutil - - _gbe_tmp=$(mktemp -t gbeXXXX.bin) - x_ cp "${_gbe_location}" "${_gbe_tmp}" - x_ "${nvmutil}" "${_gbe_tmp}" setmac "${new_mac}" - x_ "${ifdtool}" -i GbE:"${_gbe_tmp}" "${rom}" -O "${rom}" - - x_ rm -f "${_gbe_tmp}" -} - -usage() -{ - cat <<- EOF - USAGE: ./update blobs inject -r [rom path] -b [boardname] -m [macaddress] - Example: ./update blobs inject -r x230_12mb.rom -b x230_12mb - - Adding a macadress to the gbe is optional. - If the [-m] parameter is left blank, the gbe will not be touched. - - Type './update blobs inject listboards' to get a list of valid boards - EOF -} - -main $@ diff --git a/script/update/project/build b/script/update/project/build index 69c11105..81343754 100755 --- a/script/update/project/build +++ b/script/update/project/build @@ -91,7 +91,7 @@ handle_targets() printf "Running 'make %s' for project '%s, target '%s''\n" \ "${mode}" "${project}" "${target}" [ "${project}" != "coreboot" ] || [ ! -z ${mode} ] || \ - x_ ./update blobs download ${target} + x_ ./update vendor download ${target} x_ handle_defconfig done diff --git a/script/update/release/roms b/script/update/release/roms index e4d5db4f..60622315 100755 --- a/script/update/release/roms +++ b/script/update/release/roms @@ -120,12 +120,12 @@ strip_archive() done fi - # Hash the rom before removing blobs - x_ rm -f "${romdir}/blobhashes" - x_ touch "${romdir}/blobhashes" + # Hash the rom before removing vendor files + x_ rm -f "${romdir}/vendorhashes" + x_ touch "${romdir}/vendorhashes" ( x_ cd "${romdir}" - x_ sha512sum *.rom >> blobhashes + x_ sha512sum *.rom >> vendorhashes ) for romfile in "${romdir}"/*.rom; do [ -f "${romfile}" ] || continue diff --git a/script/update/vendor/download b/script/update/vendor/download new file mode 100755 index 00000000..21b0f7ed --- /dev/null +++ b/script/update/vendor/download @@ -0,0 +1,170 @@ +#!/usr/bin/env sh +# SPDX-License-Identifier: GPL-3.0-only +# SPDX-FileCopyrightText: 2022 Caleb La Grange +# SPDX-FileCopyrightText: 2022 Ferass El Hafidi +# SPDX-FileCopyrightText: 2023 Leah Rowe + +. "include/err.sh" +. "include/vendor.sh" +. "include/mrc.sh" +. "include/option.sh" + +export PATH="${PATH}:/sbin" + +main() +{ + [ $# -gt 0 ] || err "No argument given" + board="${1}" + boarddir="${cbcfgsdir}/${board}" + _b="${board%%_*mb}" # shorthand (avoid duplicating config per rom size) + + check_defconfig "${boarddir}" || exit 0 + detect_firmware && exit 0 + scan_config "${_b}" "config/vendor" "err" + + build_dependencies + download_vendorfiles +} + +detect_firmware() +{ + set -- "${boarddir}/config/"* + . "${1}" 2>/dev/null + + for c in CONFIG_HAVE_MRC CONFIG_HAVE_ME_BIN CONFIG_KBC1126_FIRMWARE \ + CONFIG_VGA_BIOS_FILE CONFIG_INCLUDE_SMSC_SCH5545_EC_FW; do + eval "[ -z \"\${${c}}\" ] || return 1" + done + printf "Vendor files not needed for: %s\n" "${board}" 1>&2 +} + +build_dependencies() +{ + [ -d ${cbdir} ] || \ + x_ ./update project trees coreboot ${cbdir##*/} + for d in uefitool biosutilities bios_extract me_cleaner; do + [ -d "src/${d}" ] && continue + x_ ./update project repo "${d}" + done + [ -f "${uefiextract}" ] || \ + x_ ./update project build -b uefitool + [ -f "${kbc1126_ec_dump}" ] || \ + x_ make -C "${cbdir}/util/kbc1126" + x_ ./build coreboot utils default +} + +download_vendorfiles() +{ + [ -z "${CONFIG_HAVE_ME_BIN}" ] || \ + fetch "intel_me" "${DL_url}" "${DL_url_bkup}" "${DL_hash}" \ + "${CONFIG_ME_BIN_PATH}" + [ -z "${CONFIG_INCLUDE_SMSC_SCH5545_EC_FW}" ] || \ + fetch "sch5545ec" "${SCH5545EC_DL_url}" \ + "${SCH5545EC_DL_url_bkup}" "${SCH5545EC_DL_hash}" \ + "${CONFIG_SMSC_SCH5545_EC_FW_FILE}" + [ -z "${CONFIG_KBC1126_FIRMWARE}" ] || \ + fetch "kbc1126ec" "${EC_url}" "${EC_url_bkup}" "${EC_hash}" \ + "${CONFIG_KBC1126_FW1}" + [ -z "${CONFIG_VGA_BIOS_FILE}" ] || \ + fetch "e6400vga" "${E6400_VGA_DL_url}" \ + "${E6400_VGA_DL_url_bkup}" "${E6400_VGA_DL_hash}" \ + "${CONFIG_VGA_BIOS_FILE}" + [ -z "${CONFIG_HAVE_MRC}" ] && return 0 + fetch "mrc" "${MRC_url}" "${MRC_url_bkup}" "${MRC_hash}" \ + "${CONFIG_MRC_FILE}" +} + +extract_intel_me() +{ + _me="${PWD}/${_dest}" # must always be an absolute path + cdir="${PWD}/${appdir}" # must always be an absolute path + [ $# -gt 0 ] && _me="${1}" + [ $# -gt 0 ] && cdir="${2}" + [ -f "${_me}" ] && return 0 + + sdir="$(mktemp -d)" + mkdir -p "${sdir}" || err "extract_intel_me: !mkdir -p \"${sdir}\"" + ( + cd "${cdir}" || err "extract_intel_me: !cd \"${cdir}\"" + for i in *; do + [ -f "${_me}" ] && break + [ -L "${i}" ] && continue + if [ -f "${i}" ]; then + "${mecleaner}" -r -t -O "${sdir}/vendorfile" \ + -M "${_me}" "${i}" && break + "${mecleaner}" -r -t -O "${_me}" "${i}" && break + "${me7updateparser}" -O "${_me}" "${i}" && break + _7ztest="${_7ztest}a" + extract_archive "${i}" "${_7ztest}" || continue + extract_intel_me "${_me}" "${cdir}/${_7ztest}" + elif [ -d "$i" ]; then + extract_intel_me "${_me}" "${cdir}/${i}" + else + continue + fi + cdir="${1}" + cd "${cdir}" + done + ) + rm -Rf "${sdir}" || err "extract_intel_me: !rm -Rf ${sdir}" +} + +extract_kbc1126ec() +{ + ( + x_ cd "${appdir}/" + mv Rompaq/68*.BIN ec.bin || : + if [ ! -f ec.bin ]; then + unar -D ROM.CAB Rom.bin || unar -D Rom.CAB Rom.bin || \ + x_ unar -D 68*.CAB Rom.bin + x_ mv Rom.bin ec.bin + fi + [ -f ec.bin ] || err "extract_kbc1126_ec ${board}: can't extract" + "${kbc1126_ec_dump}" ec.bin || \ + err "extract_kbc1126_ec ${board}: can't extract ecfw1/2.bin" + ) + ec_ex="y" + for i in 1 2; do + [ -f "${appdir}/ec.bin.fw${i}" ] || ec_ex="n" + done + [ "${ec_ex}" = "y" ] || \ + err "extract_kbc1126_ec ${board}: didn't extract ecfw1/2.bin" + x_ cp "${appdir}/"ec.bin.fw* "${_dest%/*}/" +} + +extract_e6400vga() +{ + [ "${E6400_VGA_offset}" = "" ] && \ + err "extract_e6400vga: E6400 VGA offset not defined" + [ "${E6400_VGA_romname}" = "" ] && \ + err "extract_e6400vga: E6400 VGA ROM name not defined" + tail -c +${E6400_VGA_offset} "${_dl}" | \ + gunzip >"${appdir}/bios.bin" || : + ( + x_ cd "${appdir}" + [ -f "bios.bin" ] || err "extract_e6400vga: can't extract bios.bin" + "${e6400_unpack}" bios.bin || printf "TODO: fix dell extract util\n" + [ -f "${E6400_VGA_romname}" ] || \ + err "extract_e6400vga: can't extract vga rom from bios.bin" + ) + x_ cp "${appdir}/${E6400_VGA_romname}" "${_dest}" +} + +extract_sch5545ec() +{ + # full system ROM (UEFI), to extract with UEFIExtract: + _bios="${_dl}_extracted/Firmware" + _bios="${_bios}/1 ${dlsum} -- 1 System BIOS vA.28.bin" + # this is the SCH5545 firmware, inside of the extracted UEFI ROM: + _sch5545ec_fw="${_bios}.dump/4 7A9354D9-0468-444A-81CE-0BF617D890DF" + _sch5545ec_fw="${_sch5545ec_fw}/54 D386BEB8-4B54-4E69-94F5-06091F67E0D3" + _sch5545ec_fw="${_sch5545ec_fw}/0 Raw section/body.bin" # <-- this! + + # this makes the file defined by _sch5545ec_fw available to copy + "${uefiextract}" "${_bios}" || \ + err "extract_sch5545ec: cannot extract from uefi image" + cp "${_sch5545ec_fw}" "${_dest}" || \ + err "extract_sch5545ec: cannot copy sch5545ec firmware file" +} + +main $@ diff --git a/script/update/vendor/inject b/script/update/vendor/inject new file mode 100755 index 00000000..eac4da37 --- /dev/null +++ b/script/update/vendor/inject @@ -0,0 +1,316 @@ +#!/usr/bin/env sh +# SPDX-License-Identifier: GPL-3.0-only +# SPDX-FileCopyrightText: 2022 Caleb La Grange +# SPDX-FileCopyrightText: 2022 Ferass El Hafidi +# SPDX-FileCopyrightText: 2023 Leah Rowe + +. "include/err.sh" +. "include/vendor.sh" +. "include/option.sh" + +release_archive="n" + +main() +{ + [ $# -lt 1 ] && err "No options specified." + [ "${1}" = "listboards" ] && \ + listitems config/coreboot && exit 0 + + archive="${1}" + + while getopts r:b:m: option + do + case "${option}" in + r) rom=${OPTARG} ;; + b) board=${OPTARG} ;; + m) modifygbe=true + new_mac=${OPTARG} ;; + esac + done + + check_board + build_dependencies + inject_vendorfiles + + printf "Friendly reminder (this is *not* an error message):\n" + printf "Please always ensure that the files were inserted correctly.\n" +} + +check_board() +{ + if ! check_release "${archive}" ; then + [ -f "${rom}" ] || \ + err "check_board: \"${rom}\" is not a valid path" + [ -z ${rom+x} ] && \ + err "check_board: no rom specified" + [ ! -z ${board+x} ] || \ + board=$(detect_board "${rom}") + else + release=true + releasearchive="${archive}" + board=$(detect_board "${archive}") + fi + + boarddir="${cbcfgsdir}/${board}" + [ -d "${boarddir}" ] && return 0 + err "check_board: board ${board} not found" +} + +check_release() +{ + [ -f "${archive}" ] || return 1 + [ "${archive##*.}" = "xz" ] || return 1 + printf "%s\n" "Release archive ${archive} detected" +} + +# This function tries to determine the board from the filename of the rom. +# It will only succeed if the filename is not changed from the build/download +detect_board() +{ + path="${1}" + filename=$(basename ${path}) + case ${filename} in + grub_*) + board=$(echo "${filename}" | cut -d '_' -f2-3) ;; + seabios_withgrub_*) + board=$(echo "${filename}" | cut -d '_' -f3-4) ;; + *.tar.xz) + _stripped_prefix=${filename#*_} + board="${_stripped_prefix%.tar.xz}" ;; + *) + err "detect_board: could not detect board type" + esac + [ -d "${boarddir}/" ] || \ + err "detect_board: dir, ${boarddir}, doesn't exist" + printf "%s\n" "${board}" +} + +build_dependencies() +{ + [ -d "${cbdir}" ] || x_ ./update project trees coreboot default + x_ ./build coreboot utils default + x_ ./update vendor download ${board} +} + +inject_vendorfiles() +{ + release_archive="n" + [ "${release}" != "true" ] && x_ patch_rom "${rom}" && return 0 + printf "patching release file\n" + release_archive="y" + patch_release_roms +} + +patch_release_roms() +{ + _tmpdir="tmp/romdir" + x_ rm -Rf "${_tmpdir}" + x_ mkdir -p "${_tmpdir}" + x_ tar -xf "${releasearchive}" -C "${_tmpdir}" + + for x in "${_tmpdir}"/bin/*/*.rom ; do + printf "patching rom: %s\n" "$x" + x_ patch_rom "${x}" + done + for x in "${_tmpdir}"/bin/*/*_nomicrocode.rom ; do + [ -f "${x}" ] || continue + [ -f "${x%_nomicrocode.rom}.rom" ] || continue + + x_ cp "${x%_nomicrocode.rom}.rom" "${x}" + x_ "${cbfstool}" "${x}" remove -n cpu_microcode_blob.bin + done + + ( + x_ cd "${_tmpdir}/bin/"* + + # NOTE: For compatibility with older rom releases, defer to sha1 + sha512sum --status -c vendorhashes || \ + sha1sum --status -c vendorhashes || \ + sha512sum --status -c blobhashes || \ + sha1sum --status -c blobhashes || \ + err "patch_release_roms: ROMs did not match expected hashes" + ) + + if [ "${modifygbe}" = "true" ]; then + for x in "${_tmpdir}"/bin/*/*.rom ; do + modify_gbe "${x}" + done + fi + + [ -d bin/release ] || x_ mkdir -p bin/release + x_ mv "${_tmpdir}"/bin/* bin/release/ + + printf "Success! Your ROMs are in bin/release\n" + + x_ rm -Rf "${_tmpdir}" +} + +patch_rom() +{ + rom="${1}" + + # we don't process no-microcode roms; these are + # instead re-created at the end, after re-inserting + # on roms with microcode, by copying and then removing, + # so that the hashes will match (otherwise, cbfstool + # may sometimes insert certain vendor files at the wrong offset) + # (unless nomicrocode is the only config provided) + [ "${rom}" != "${rom%_nomicrocode.rom}.rom" ] && \ + [ -f "${rom%_nomicrocode.rom}.rom" ] && \ + [ "${release_archive}" = "y" ] && return 0 + + x_ check_defconfig "${boarddir}" + + set -- "${boarddir}/config/"* + . "${1}" 2>/dev/null + + [ "$CONFIG_HAVE_MRC" = "y" ] && \ + inject_vendorfile_intel_mrc "${rom}" + [ "${CONFIG_HAVE_ME_BIN}" = "y" ] && \ + inject_vendorfile_intel_me "${rom}" + [ "${CONFIG_KBC1126_FIRMWARE}" = "y" ] && \ + inject_vendorfile_hp_kbc1126_ec "${rom}" + [ "${CONFIG_VGA_BIOS_FILE}" != "" ] && \ + [ "${CONFIG_VGA_BIOS_ID}" != "" ] && \ + inject_vendorfile_dell_e6400_vgarom_nvidia "${rom}" + [ "${CONFIG_INCLUDE_SMSC_SCH5545_EC_FW}" = "y" ] && \ + [ "${CONFIG_SMSC_SCH5545_EC_FW_FILE}" != "" ] && \ + inject_vendorfile_smsc_sch5545_ec "${rom}" + [ "${modifygbe}" = "true" ] && ! [ "${release}" = "true" ] && \ + modify_gbe "${rom}" + + printf "ROM image successfully patched: %s\n" "${rom}" +} + +inject_vendorfile_intel_mrc() +{ + rom="${1}" + + printf "adding mrc\n" + + # mrc.bin must be inserted at a specific offset + + # in cbfstool, -b values above 0x80000000 are interpreted as + # top-aligned x86 memory locations. this is converted into an + # absolute offset within the flash, and inserted accordingly + # at that offset into the ROM image file + + # coreboot's own build system hardcodes the mrc.bin offset + # because there is only one correct location in memory, but + # it would be useful for us if it could be easily scanned + # from Kconfig, with the option to change it where in practise + # it is not changed + + # the hardcoded offset below is based upon reading of the coreboot + # source code, and it is *always* correct for haswell platform. + # TODO: this logic should be tweaked to handle more platforms + + x_ "${cbfstool}" "${rom}" add -f mrc/haswell/mrc.bin -n mrc.bin \ + -t mrc -b 0xfffa0000 +} + +inject_vendorfile_intel_me() +{ + printf "adding intel me firmware\n" + + rom="${1}" + [ -z ${CONFIG_ME_BIN_PATH} ] && \ + err "inject_vendorfile_intel_me: CONFIG_ME_BIN_PATH not set" + + _me_location=${CONFIG_ME_BIN_PATH##*../} + [ ! -f "${_me_location}" ] && \ + err "inject_vendorfile_intel_me: per CONFIG_ME_BIN_PATH: file missing" + + x_ "${ifdtool}" -i me:"${_me_location}" "${rom}" -O "${rom}" +} + +inject_vendorfile_hp_kbc1126_ec() +{ + rom="${1}" + + _ec1_location="${CONFIG_KBC1126_FW1##*../}" + _ec1_offset="${CONFIG_KBC1126_FW1_OFFSET}" + _ec2_location="${CONFIG_KBC1126_FW2##*../}" + _ec2_offset="${CONFIG_KBC1126_FW2_OFFSET}" + + printf "adding hp kbc1126 ec firmware\n" + + if [ "${_ec1_offset}" = "" ] || [ "${_ec1_offset}" = "" ]; then + err "inject_vendorfile_hp_kbc1126_ec: ${board}: offset not declared" + elif [ "${_ec1_location}" = "" ] || [ "${_ec2_location}" = "" ]; then + err "inject_vendorfile_hp_kbc1126_ec: ${board}: EC path not declared" + elif [ ! -f "${_ec1_location}" ] || [ ! -f "${_ec2_location}" ]; then + err "inject_vendorfile_hp_kbc1126_ec: ${board}: ecfw not downloaded" + fi + + x_ "${cbfstool}" "${rom}" add -f "${_ec1_location}" -n ecfw1.bin \ + -b ${_ec1_offset} -t raw + x_ "${cbfstool}" "${rom}" add -f "${_ec2_location}" -n ecfw2.bin \ + -b ${_ec2_offset} -t raw +} + +inject_vendorfile_dell_e6400_vgarom_nvidia() +{ + rom="${1}" + + _vga_location="${CONFIG_VGA_BIOS_FILE##*../}" + _vga_dir="${_vga_location%/*}" + _vga_filename="${_vga_location##*/}" + + printf "adding pci option rom\n" + + [ "${_vga_dir}" = "${pciromsdir}" ] || \ + err "inject_vendorfile_dell_e6400vga: invalid pcirom dir: ${_vga_dir}" + [ -f "${_vga_location}" ] || \ + err "inject_vendorfile_dell_e6400vga: ${_vga_location} doesn't exist" + + x_ "${cbfstool}" "${rom}" add -f "${_vga_location}" \ + -n "pci${CONFIG_VGA_BIOS_ID}.rom" -t optionrom +} + +inject_vendorfile_smsc_sch5545_ec() +{ + rom="${1}" + _sch5545ec_location="${CONFIG_SMSC_SCH5545_EC_FW_FILE##*../}" + [ -f "${_sch5545ec_location}" ] || \ + err "inject_vendorfile_smsc_sch5545_ec: SCH5545 fw missing" + + x_ "${cbfstool}" "${rom}" add -f "${_sch5545ec_location}" \ + -n sch5545_ecfw.bin -t raw +} + +modify_gbe() +{ + printf "changing mac address in gbe to ${new_mac}\n" + [ -z ${CONFIG_GBE_BIN_PATH} ] && \ + err "modify_gbe: ${board}: CONFIG_GBE_BIN_PATH not set" + + rom="${1}" + _gbe_location=${CONFIG_GBE_BIN_PATH##*../} + [ -f "${_gbe_location}" ] || \ + err "modify_gbe: CONFIG_GBE_BIN_PATH points to missing file" + [ -f "${nvmutil}" ] || \ + x_ make -C util/nvmutil + + _gbe_tmp=$(mktemp -t gbeXXXX.bin) + x_ cp "${_gbe_location}" "${_gbe_tmp}" + x_ "${nvmutil}" "${_gbe_tmp}" setmac "${new_mac}" + x_ "${ifdtool}" -i GbE:"${_gbe_tmp}" "${rom}" -O "${rom}" + + x_ rm -f "${_gbe_tmp}" +} + +usage() +{ + cat <<- EOF + USAGE: ./update vendor inject -r [rom path] -b [boardname] -m [macaddress] + Example: ./update vendor inject -r x230_12mb.rom -b x230_12mb + + Adding a macadress to the gbe is optional. + If the [-m] parameter is left blank, the gbe will not be touched. + + Type './update vendor inject listboards' to get a list of valid boards + EOF +} + +main $@ -- cgit v1.2.1