it will probably never happen, and this is technically
not an error condition of pread/pwrite, but we need it
to read and write that exact number of bytes, as per nf
Signed-off-by: Leah Rowe <leah@libreboot.org>
it wouldn't occur, on the current logic, but i wasn't
comfortable having the starting point (on little endian)
being higher than the checked endpoint, in case of
possible integer overflow as a result of future
modifications.
this is therefore a pre-emptive bug fix, because it doesn't
yet fix a bug, but it prevents a bug from being introduced.
Signed-off-by: Leah Rowe <leah@libreboot.org>
The 128-byte nvm area is all that we need to handle,
since that is the only thing we actually work on in
nvmutil, based on checksum verification; the latter
implies that bytes must be in the correct order.
The swap() function previously worked on the entire
block, e.g. 4KB on 8KB files, 8KB on 16KB files and
64KB on 128KB files, and it did this twice, so it would
have operated on anywhere between 8KB to 128KB of data.
It now only operates on 256 bytes at a maximum, or 128
bytes if only handling one block. This is a significant
performance optimisation, on big endian host CPUs.
Signed-off-by: Leah Rowe <leah@libreboot.org>
previous audits sizecoded nvmutil.c, reducing the sloccount,
but this resulted in unreadable code.
move the swap logic (swap parts) back to its own function,
for clarity.
Signed-off-by: Leah Rowe <leah@libreboot.org>
also cmd_brick
where the checksum is being corrected or bricked, we
only need to handle the 128-byte nvm area on one of
the parts
similarly, we only need to allocate half the gbe file
size when doing a copy command.
256 bytes still allocated for setmac (see previous
commit), because we verify both checksums and set both
parts if possible.
with this, nvmutil is now much more memory-efficient.
Signed-off-by: Leah Rowe <leah@libreboot.org>
Allocate memory based on nf instead of partsize.
nf is the number of bytes actually read from each
part of the file.
Now if the user is running setmac for example,
256 bytes of memory will be allocated regardless
of gbe file size, whereas it would have previously
allocated 8KB, 16KB or 128KB depending on the file.
Signed-off-by: Leah Rowe <leah@libreboot.org>
We were allocating 128KB even if we only needed 8KB, for
example. It's not a lot of memory, but the principle of
the matter is that we must respect the user by not wasting
their memory.
The design of nvmutil is that it will never overflow, because
operations are mapped in memory to the exact size of the gbe
file, which can be 8KB, 16KB or 128KB, and this is enforced.
Signed-off-by: Leah Rowe <leah@libreboot.org>
The buf variable is only used once, and only so
that we can get a pointer. We can point to buf16
instead, for the same result.
The gbe pointer (size_t) is later converter to
a char * when writing back to the file.
Signed-off-by: Leah Rowe <leah@libreboot.org>
For example, if the brick command is used without specifying
a part number. Instead of saying "Invalid argument", show a
much more useful error message to help the user adapt.
Signed-off-by: Leah Rowe <leah@libreboot.org>
call pledge *much* earlier, and and lock everything down
much sooner. the point of pledge/unveil is precisely that
your program must operate under the most restrictive set
of conditions possible, and still function.
Signed-off-by: Leah Rowe <leah@libreboot.org>
tell the user exactly what they got wrong, instead
of simply printing "bad mac address", which is not
very helpful to the user
Signed-off-by: Leah Rowe <leah@libreboot.org>
See:
https://edc.intel.com/content/www/us/en/design/ipla/software-development-platforms/client/platforms/alder-lake-mobile-p/intel-600-series-chipset-family-on-package-platform-controller-hub-pch-datash/spi0-for-flash/
The rules described there are universal, and replicated elsewhere
for many other platforms. The rules are simply:
* Flash descriptor is one block size, e.g. 4KB
* GbE is two block sizes, so if IfD is 4KB, GbE is 8KB
Intel defines 16KB and 128KB GbE files in specs, pertaining to
8KB and 64KB block sizes respectively.
The minimum size is 4KB blocksize, for 8KB GbE files which
we already supported. On larger block sizes, the same 4KB
parts are observed: a single 4KB IfD area at the start of
the block, and:
4KB GbE part at the start of the GbE region, and:
4KB GbE part at the start of GbE region plus block size
The empty space inbetween is padding, and we ignore it,
except when running swap/copy commands.
The nvmutil code has been modified, to create a 128KB buffer in
memory instead of 8KB, for loading GbE files.
Partsize is set to GbE file size divided by 2, and only the
area of memory we need to use is mapped; for example, if
we're loading a 8KB GbE file into memory, we only touch
the first 8KB part of the buffer, or first 16KB for 128KB
files.
In practise, we almost never see GbE files with sizes higher
than 8KB, but *we have seen it*, *AND NOW IT'S SUPPORTED!"
Signed-off-by: Leah Rowe <leah@libreboot.org>
We were checking directories *after* calling unveil, which
means that the sandboxing was incomplete; we only want files
to be accessed, not directories.
Signed-off-by: Leah Rowe <leah@libreboot.org>
A lot of size-coding was performed in prior audits, to
make the sloccount lower on nvmutil, but this resulted in
code that wasn't very human readable.
I've reversed some of it and added comments, for clarity.
Signed-off-by: Leah Rowe <leah@libreboot.org>
the user might have boot their kernel inside luks
inside lvm for some dumb reason
it's theoretically possible that the user would be
so silly indeed
Signed-off-by: Leah Rowe <leah@libreboot.org>
We were scanning a hardcoded set up LVM volumes, so in practise,
LVM boot didn't really work. We did this because scanning for
asterisk is slow on some machines. However, since LVM is the last
one, and since most users don't boot directly from LVM, it wasn't
that much of an issue in practise.
Signed-off-by: Leah Rowe <leah@libreboot.org>
This is based on include/vendor.sh from this lbmk
revision:
3c9f4be76f61c80060b4238eff96ef268272cffb
This version doesn't support downloading/injecting
vendor files such as Intel ME; that's what the lbmk
version is for.
If you try to run this on a Libreboot archive that
uses vendor files, the script will see that there is
a hash file present, and not inject a new MAC.
HOWEVER: if the hash file is not present, it will
work just fine, but again only change the MAC. That
way, you can use the "./mk inject" command from lbmk,
to insert files such as Intel ME. In practise, due to
the design checking out a specific cbfstool version
based on the board config, you can only use a config
in this way that's present on both Libreboot and
Canoeboot, such as the E6400 images; the E6400 images
on Libreboot insert an Nvidia GPU ROM, but Canoeboot
does not.
You don't need to run this on Libreboot tarballs, because
the Libreboot version can be used anyway. Canoeboot is
mostly a pointless project, but I maintain it for fun. I
make it adhere to GNU FSDG for fun, even though I disagree
with it; Libreboot's binary blob reduction policy is better.
The reason for this design is because of GNU FSDG,
which Canoeboot complies with to the letter. It states
that any such project must not distribute, promote or
otherwise boost proprietary software in any way; it must
steer the user only towards entirely free software.
It also doesn't support nuking. It only sets MAC
addresses; the "setmac keep" command is not present,
because it's pointless, but these work, e.g.:
./mk inject tarball.tar.xz
./mk inject tarball.tar.xz setmac
./mk inject tarball.tar.xz setmac restore
./mk inject tarball.tar.xz MACADDRESS
./mk inject tarball.tar.xz ??:aa:bb:??:22:01
etc
Same command structure as setmac for lbmk.
Signed-off-by: Leah Rowe <leah@libreboot.org>
This was leftover from idk when. It's not in lbmk.
We don't need it here. This is a relic from when
the build system used git's submodules feature.
Nowadays, the build system automatically handles
directories such as what this patch handled.
Signed-off-by: Leah Rowe <leah@libreboot.org>
./vendor commands were never used in cbmk
this was added accidentally, when cherry-picking newer
changes from lbmk
Signed-off-by: Leah Rowe <leah@libreboot.org>
This revision:
* 2f1e4e5e85 mb/hp/snb_ivb_desktops/z220*: Remove leftover old usb configurations
This is in line with the revision used by Libreboot 20241206,
8th revision - as of this commit, Canoeboot 20241207 rev1 can
be compiled, I just need to update the GRUB/SeaBIOS/U-Boot
version reporting, and sync up lbwww->cbwww with a release page.
Signed-off-by: Leah Rowe <leah@libreboot.org>
We were previously not handling picotool at all, and
pico-sdk would download picotool itself, at build time.
This means that the source archive, if created, would
not contain picotool. While not strictly required, for
complete corresponding source, since it's a toolchain
and not the actual pico-serprog firmware, it is my policy
that releases must include full corresponding source code,
when it is feasible to do so.
I must say, I intensely dislike cmake, with such burning
passion; I am thoroughly displeased by how hacky this is,
but it works and now nothing is in my way for a Libreboot
20241206 rev8 release!
Signed-off-by: Leah Rowe <leah@libreboot.org>
See:
https://docs.python.org/3/library/sys.html#sys.version_info
The sys.version_info tuple is a more reliable way to
get the version. Our previous logic assumed that Python
would always output "Python versionnumber", but this may
not always be how it works. We've seen this for example
where Debian modifies some GNU toolchains to include Debian
something in the output.
Python has a standard method built in for outputting exact
the information we need. In my system, what I got was this:
(3, 11, 2, 'final', 0)
That output was from running this command:
python -c 'import sys; print(sys.version_info[:])'
This is much more robust, so use this instead.
Signed-off-by: Leah Rowe <leah@libreboot.org>
we already check the python version, and set a variable
for it, so that we can reliably use python3, even if
python in PATH doesn't correspond to python3. for
example if a system has python as python2 and python3
as python3
well, we use that when running deguard for example, but
various upstream projects that we use may need python,
and all of them use python3, not 2
so, re-use the python variable set up by lbmk, and
set it up in PATH accordingly. this now makes the note
about python3 obsolete, on docs/build.md in lbwww.git
Signed-off-by: Leah Rowe <leah@libreboot.org>
probably not actually needed, but it annoys me that it doesn't
come installed by default, and it's needed for certain git
operations
Signed-off-by: Leah Rowe <leah@libreboot.org>
Leah Rowe