lbmk/script/build/release/roms

#!/usr/bin/env sh

#  helper script: generate release archive (ROM images)
#
#	Copyright (C) 2020,2021,2022,2023 Leah Rowe <info@minifree.org>
#
#	This program is free software: you can redistribute it and/or modify
#	it under the terms of the GNU General Public License as published by
#	the Free Software Foundation, either version 3 of the License, or
#	(at your option) any later version.
#
#	This program is distributed in the hope that it will be useful,
#	but WITHOUT ANY WARRANTY; without even the implied warranty of
#	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#	GNU General Public License for more details.
#
#	You should have received a copy of the GNU General Public License
#	along with this program.  If not, see <http://www.gnu.org/licenses/>.
#

[ "x${DEBUG+set}" = 'xset' ] && set -v
set -u -e

. "include/err.sh"

read projectname < projectname
version="version-unknown"
versiondate="version-date-unknown"
tree="default"
target=""
CONFIG_HAVE_MRC=""
CONFIG_HAVE_ME_BIN=""
CONFIG_KBC1126_FIRMWARE=""
CONFIG_INCLUDE_SMSC_SCH5545_EC_FW=""
ifdtool="cbutils/${tree}/ifdtool"
cbfstool="cbutils/${tree}/cbfstool"
microcode_required="y"

main()
{
	printf "Building ROM image archives for version %s\n" "${version}"

	init_check

	for romdir in bin/*; do
		[ -d "${romdir}" ] || continue
		make_archive "${romdir}"
	done

	printf "\nROM archives available at release/%s/roms/\n\n" "${version}"
}

init_check()
{
	[ -f version ] && \
		read version < version
	[ -f versiondate ] && \
		read versiondate < versiondate
	[ ! -d "bin/" ] && \
		err "init_check: no ROMs built yet (error)"
	[ -d "release/" ] || \
		mkdir -p release/ || \
		    err "init_check: !mkdir -p release/"
	[ -d "release/${version}/" ] || \
		mkdir -p "release/${version}/" || \
		    err "init_check: !mkdir -p release/${version}/"
	[ ! -d "release/${version}/roms/" ] || \
		rm -Rf "release/${version}/roms/" || \
		    err "init_check: !rm -Rf release/${version}/roms/"

	if [ ! -d "release/${version}/roms/" ]; then
		mkdir -p "release/${version}/roms/" || \
		    err "init_check: !mkdir -p release/${version}/roms/"
	fi
}

make_archive()
{
	builddir="${1}"
	romdir="tmp/romdir" || \
	    err "make_archive: cannot create tmpdir"
	rm -Rf "${romdir}" || err "make_archive: can't remove tmpdir"
	target="${builddir##*/}"

	if [ ! -f "config/coreboot/${target}/target.cfg" ]; then
		# No config, just make a tarball
		tarball=release/${version}/roms/${target}_${version}.tar.xz
		tar -c "${builddir}" | xz -T0 -6 > ${tarball} || \
			(rm ${tarball}
			 err "make_archive: cannot make \"${tarball}\"")
		return 0
	fi

	romdir="${romdir}/bin/${target}"
	mkdir -p "${romdir}" || \
	    err "make_archive: can't mkdir tmpdir"
	cp "${builddir}"/* "${romdir}" || \
	    err "make_archive: cannot copy ROM images directory -> ${romdir}"

	printf "%s\n" "${target}"

	microcode_required="y"
	. "config/coreboot/${target}/target.cfg"
	if [ "${microcode_required}" != "y" ] && \
	    [ "${microcode_required}" != "n" ]; then microcode_required="y"; fi

	for x in CONFIG_HAVE_MRC CONFIG_HAVE_ME_BIN CONFIG_KBC1126_FIRMWARE \
	    CONFIG_INCLUDE_SMSC_SCH5545_EC_FW; do
		eval "${x}=\"y\""
		grep "${x}=y" "config/coreboot/${target}/config/"* || \
		    eval "${x}=\"n\""
	done

	# remove ME/MRC/EC firmware from ROM images
	if [ "${CONFIG_HAVE_ME_BIN}" = "y" ] || \
	    [ "${target}" = "e6400_4mb" ] || \
	    [ "${microcode_required}" = "n" ]; then
		strip_archive "${romdir}"
	fi

	printf "Generating release/%s/roms/%s-%s_%s.tar.xz\n" \
	    "${version}" "${projectname}" "${version}" "${target##*/}"
	printf "%s\n" "${version}" > "${romdir}/version" || \
	    err "make_archive: can't create ${romdir}/version"
	printf "%s\n" "${versiondate}" > "${romdir}/versiondate" || \
	    err "make_archive: can't create ${romdir}/versiondate"
	printf "%s\n" "${projectname}" > "${romdir}/projectname" || \
	    err "make_archive: can't create ${romdir}/projectname"

	archivename="${projectname}-${version}_${target##*/}"
	f="release/${version}/roms/${archivename}"
	(
	cd "${romdir%/bin/${target}}" || err "make_archive: can't cd to tmpdir"
	tar -c "bin/${target}/" | xz -T0 -9e > "${archivename}.tar.xz" || \
	    err "make_archive:cant make ${projectname}-${version}_${target##*/}"
	)
	mv "${romdir%/bin/${target}}/${archivename}.tar.xz" "${f}.tar.xz" || \
	    err "make_archive: can't copy tarball"
	rm -Rf "${romdir%/bin/${target}}" || \
	    err "make_archive: can't delete tmpdir"
}

strip_archive()
{
	romdir=${1}

	[ -d "coreboot/${tree}" ] || \
		./update project trees coreboot ${tree} || \
		    err "strip_archive: coreboot/${tree}: can't fetch source"
	./build coreboot utils ${tree} || \
	    err "strip_archive: coreboot/${tree}: can't build utils"

	if [ "${microcode_required}" = "n" ]; then
		for romfile in "${romdir}"/*.rom; do
			[ -f "${romfile}" ] || continue
			strip_ucode "${romfile}"
		done
		for romfile in "${romdir}"/*.tmprom; do
			[ -f "${romfile}" ] || continue
			mv "${romfile}" "${romfile%.tmprom}.rom" || \
			    err "can't make no-u rom: ${romfile%.tmprom}.rom"
		done
	fi

	# Hash the rom before removing blobs
	rm -f "${romdir}/blobhashes" || \
	    err "strip_archive: !rm -f ${blobdir}/blobhashes"
	touch "${romdir}/blobhashes" || \
	    err "strip_archive: !touch ${blobdir}/blobhashes"

	(
	cd "${romdir}" || err "strip_archive: !cd ${romdir}"
	sha512sum *.rom >> blobhashes || \
	    err "strip_archive: ${romdir}: !sha512sum *.rom >> blobhashes"
	)

	for romfile in "${romdir}"/*.rom; do
		[ -f "${romfile}" ] || continue
		strip_rom_image "${romfile}"
	done
}

strip_ucode()
{
	romfile=${1}

	_newrom_b="${romfile%.rom}_nomicrocode.tmprom"
	cp "${romfile}" "${_newrom_b}" || \
	    err "strip_rom_image: cp \"${romfile}\" \"${_newrom_b}\""
	microcode_present="y"
	"${cbfstool}" "${_newrom_b}" remove -n \
	    cpu_microcode_blob.bin 2>/dev/null || microcode_present="n"
	if [ "${microcode_present}" = "n" ]; then
		printf "REMARK: '%s' already lacks microcode\n" "${romfile}" \
		    1>&2
		printf "Renaming default ROM file instead.\n" 1>&2
		mv "${romfile}" "${_newrom_b}" || \
		    err "strip_rom_image: can't rename no-u ${romfile}"
	fi
}

strip_rom_image()
{
	romfile=${1}

	[ -f "${romfile}" ] || return 0

	if [ "${CONFIG_HAVE_ME_BIN}" = "y" ]; then
		"${ifdtool}" --nuke me "${romfile}" -O "${romfile}" || \
		    err "strip_rom_images: ${romfile}: cannot nuke Intel ME"
	fi

	if [ "${CONFIG_HAVE_MRC}" = "y" ]; then
		"${cbfstool}" "${romfile}" remove -n mrc.bin || \
		    err "strip_rom_images: ${romfile}: cannot nuke mrc.bin"
		"${cbfstool}" "${romfile}" print || :
	fi

	if [ "${CONFIG_KBC1126_FIRMWARE}" = "y" ]; then
		"${cbfstool}" "${romfile}" remove -n ecfw1.bin || \
		    err "strip_rom_images: ${romfile}: can't nuke ecfw1.bin"
		"${cbfstool}" "${romfile}" remove -n ecfw2.bin || \
		    err "strip_rom_images: ${romfile}: can't nuke ecfw2.bin"
	fi

	[ "${CONFIG_INCLUDE_SMSC_SCH5545_EC_FW}" != "y" ] || \
		"${cbfstool}" "${romfile}" remove -n sch5545_ecfw.bin || \
		    err "strip_rom_images: ${romfile}: can't nuke sch5545ec fw"

	# TODO: replace this board-specific hack
	if [ "${target}" = "e6400_4mb" ]; then
		"${cbfstool}" "${romfile}" remove -n "pci10de,06eb.rom" || \
		    err "strip_rom_images: ${romfile}: can't nuke e6400 vga rom"
	fi
}

main $@