canoeboot
/
cbmk
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
cbmk/include/inject.sh

216 lines
6.3 KiB
Bash
Raw Normal View History

inject.sh: MAC address changer (not vendorfiles) This is based on include/vendor.sh from this lbmk revision: 3c9f4be76f61c80060b4238eff96ef268272cffb This version doesn't support downloading/injecting vendor files such as Intel ME; that's what the lbmk version is for. If you try to run this on a Libreboot archive that uses vendor files, the script will see that there is a hash file present, and not inject a new MAC. HOWEVER: if the hash file is not present, it will work just fine, but again only change the MAC. That way, you can use the "./mk inject" command from lbmk, to insert files such as Intel ME. In practise, due to the design checking out a specific cbfstool version based on the board config, you can only use a config in this way that's present on both Libreboot and Canoeboot, such as the E6400 images; the E6400 images on Libreboot insert an Nvidia GPU ROM, but Canoeboot does not. You don't need to run this on Libreboot tarballs, because the Libreboot version can be used anyway. Canoeboot is mostly a pointless project, but I maintain it for fun. I make it adhere to GNU FSDG for fun, even though I disagree with it; Libreboot's binary blob reduction policy is better. The reason for this design is because of GNU FSDG, which Canoeboot complies with to the letter. It states that any such project must not distribute, promote or otherwise boost proprietary software in any way; it must steer the user only towards entirely free software. It also doesn't support nuking. It only sets MAC addresses; the "setmac keep" command is not present, because it's pointless, but these work, e.g.: ./mk inject tarball.tar.xz ./mk inject tarball.tar.xz setmac ./mk inject tarball.tar.xz setmac restore ./mk inject tarball.tar.xz MACADDRESS ./mk inject tarball.tar.xz ??:aa:bb:??:22:01 etc Same command structure as setmac for lbmk. Signed-off-by: Leah Rowe <leah@libreboot.org>
2025-01-07 07:32:12 +00:00
# SPDX-License-Identifier: GPL-3.0-only
# Copyright (c) 2022 Caleb La Grange <thonkpeasant@protonmail.com>
# Copyright (c) 2022 Ferass El Hafidi <vitali64pmemail@protonmail.com>
# Copyright (c) 2023-2025 Leah Rowe <leah@libreboot.org>
cbcfgsdir="config/coreboot"
hashfiles="vendorhashes blobhashes" # used to detect and error out
# if running on an archive that needs vendor files
dontflash="!!! AN ERROR OCCURED! Do NOT flash these images !!!"
tmpromdel="$PWD/tmp/DO_NOT_FLASH"
cv="CONFIG_GBE_BIN_PATH CONFIG_IFD_BIN_PATH"
eval "`setvars "" tree new_mac archive boarddir rom cbdir xchanged \
tmpromdir IFD_platform ifdprefix xromsize $cv`"
fail_inject()
{
[ -L "$tmpromdel" ] || [ ! -d "$tmpromdel" ] || \
rm -Rf "$tmpromdel" || :
printf "\n\n%s\n\n" "$dontflash" 1>&2
printf "WARNING: File '%s' was NOT modified.\n\n" "$archive" 1>&2
fail "$1"
}
xbmk_inject()
{
_olderr="$err"
err="fail_inject"
remkdir "$tmpromdel"
set +u +e; [ $# -lt 1 ] && $err "No options specified. - $dontflash"
eval "`setvars "" new_mac xchanged`"
# randomise the MAC address by default
# TODO: support setting CBFS MAC address for GA-G41M-ES2L
new_mac="??:??:??:??:??:??"
archive="$1";
[ $# -gt 1 ] && case "$2" in
setmac)
[ $# -gt 2 ] && new_mac="$3" && \
[ -z "$new_mac" ] && $err \
"You set an empty MAC address string" ;;
*) $err "Unrecognised inject mode: '$2'"
esac
check_release "$archive" || \
$err "You must run this script on a release archive. - $dontflash"
[ "$new_mac" = "restore" ] && \
printf "Restoring default GbE for '$archive', board '$board'\n"
if readcfg && readkconfig; then
patch_release_roms
fi
[ "$xchanged" != "y" ] && \
printf "\nRelease archive '%s' was *NOT* modified.\n" \
"$archive" 1>&2
[ "$xchanged" = "y" ] && \
printf "\nRelease archive '%s' successfully patched.\n" \
"$archive" && \
printf "You may now extract '%s' and flash images from it.\n" \
"$archive"
err="$_olderr"
return 0
}
check_release()
{
[ -L "$archive" ] && \
$err "'$archive' is a symlink, not a file - $dontflash"
[ -f "$archive" ] || return 1
archivename="`basename "$archive"`"
[ -z "$archivename" ] && \
$err "Cannot determine archive file name - $dontflash"
case "$archivename" in
*_src.tar.xz)
$err "'$archive' is a src archive, silly!" ;;
grub_*|seagrub_*|custom_*|seauboot_*|seabios_withgrub_*)
return 1 ;;
*.tar.xz) _stripped_prefix="${archivename#*_}"
board="${_stripped_prefix%.tar.xz}" ;;
*) $err "'$archive': could not detect board type - $dontflash"
esac; :
}
readcfg()
{
if [ "$board" = "serprog_rp2040" ] || \
[ "$board" = "serprog_stm32" ] || \
[ "$board" = "serprog_pico" ]; then
printf "'%s' is a serprog firmware archive.\n" "$archive" 1>&2
return 1
fi
boarddir="$cbcfgsdir/$board"
eval "`setcfg "$boarddir/target.cfg"`"
chkvars tree
x_ ./mk -d coreboot "$tree"
cbdir="src/coreboot/$tree"
cbfstool="elf/cbfstool/$tree/cbfstool"
rmodtool="elf/cbfstool/$tree/rmodtool"
cbfstool="elf/cbfstool/$tree/cbfstool"
ifdtool="elf/ifdtool/$tree/ifdtool"
[ -n "$IFD_platform" ] && ifdprefix="-p $IFD_platform"; :
}
readkconfig()
{
check_defconfig "$boarddir" 1>"$TMPDIR/vendorcfg.list" && return 1
rm -f "$TMPDIR/tmpcbcfg" || $err "!rm $TMPDIR/tmpcbcfg - $dontflash"
while read -r cbcfgfile; do
for cbc in $cv; do
rm -f "$TMPDIR/tmpcbcfg2" || \
$err "!rm $TMPDIR/tmpcbcfg2 - $dontflash"
grep "$cbc" "$cbcfgfile" 1>"$TMPDIR/tmpcbcfg2" \
2>/dev/null || :
[ -f "$TMPDIR/tmpcbcfg2" ] || continue
cat "$TMPDIR/tmpcbcfg2" >> "$TMPDIR/tmpcbcfg" || \
$err "!cat $TMPDIR/tmpcbcfg2 - $dontflash"
done
done < "$TMPDIR/vendorcfg.list"
eval "`setcfg "$TMPDIR/tmpcbcfg"`"; :
}
patch_release_roms()
{
tmpromdir="tmp/DO_NOT_FLASH/bin/$board"
remkdir "${tmpromdir%"/bin/$board"}"
tar -xf "$archive" -C "${tmpromdir%"/bin/$board"}" || \
$err "Can't extract '$archive'"
for _hashes in $hashfiles; do
[ -L "$tmpromdir/$_hashes" ] && \
$err "'$archive' -> the hashfile is a symlink. $dontflash"
[ -f "$tmpromdir/$_hashes" ] && $err \
"'$archive': vendorfile insertion unsupported; $dontflash"
done
if [ -n "$new_mac" ]; then
if ! modify_mac_addresses; then
printf "\nNo GbE region defined for '%s'\n" "$board" \
1>&2
printf "Therefore, changing the MAC is impossible.\n" \
1>&2
printf "This board probably lacks Intel ethernet.\n" \
1>&2
printf "(or it's pre-IFD Intel with Intel GbE NIC)\n" \
1>&2
fi
fi
[ "$xchanged" = "y" ] || rm -Rf "$tmpromdel" || :
[ "$xchanged" = "y" ] || return 0
(
cd "${tmpromdir%"/bin/$board"}" || \
$err "Can't cd '${tmpromdir%"/bin/$board"}'; $dontflash"
# ../../ is the root of lbmk
mkrom_tarball "bin/$board"
) || $err "Cannot re-generate '$archive' - $dontflash"
mv "${tmpromdir%"/bin/$board"}/bin/${relname}_${board}.tar.xz" \
"$archive" || \
$err "'$archive' -> Cannot overwrite - $dontflash"; :
}
modify_mac_addresses()
{
[ "$nukemode" = "nuke" ] && \
$err "Cannot modify MAC addresses while nuking vendor files"
# chkvars CONFIG_GBE_BIN_PATH
[ -n "$CONFIG_GBE_BIN_PATH" ] || return 1
e "${CONFIG_GBE_BIN_PATH##*../}" f n && $err "missing gbe file"
[ "$new_mac" != "restore" ] && \
x_ make -C util/nvmutil
x_ mkdir -p tmp
[ -L "tmp/gbe" ] && $err "tmp/gbe exists but is a symlink"
[ -d "tmp/gbe" ] && $err "tmp/gbe exists but is a directory"
if [ -e "tmp/gbe" ]; then
[ -f "tmp/gbe" ] || $err "tmp/gbe exists and is not a file"
fi
x_ cp "${CONFIG_GBE_BIN_PATH##*../}" "tmp/gbe"
[ "$new_mac" != "restore" ] && \
x_ "util/nvmutil/nvm" "tmp/gbe" setmac "$new_mac"
find "$tmpromdir" -maxdepth 1 -type f -name "*.rom" > "tmp/rom.list" \
|| $err "'$archive' -> Can't make tmp/rom.list - $dontflash"
while read -r _xrom; do
[ -L "$_xrom" ] && continue
[ -f "$_xrom" ] || continue
"$ifdtool" $ifdprefix -i GbE:"tmp/gbe" "$_xrom" -O \
"$_xrom" || $err "'$_xrom': Can't insert new GbE file"
xchanged="y"
done < "tmp/rom.list"
printf "\nThe following GbE NVM words were written in '%s':\n" \
"$archive"
x_ util/nvmutil/nvm tmp/gbe dump
[ "$new_mac" = "restore" ] && \
printf "\nNOTE: User specified setmac 'restore' argument.\n" && \
printf "Default GbE file '%s' written without running nvmutil.\n" \
"${CONFIG_GBE_BIN_PATH##*../}"; :
}