2023-06-13 11:09:01 +00:00
|
|
|
#!/usr/bin/env sh
|
2021-05-18 12:56:12 +00:00
|
|
|
|
|
|
|
# generate GRUB ELF files (coreboot payload) and configuration files
|
|
|
|
#
|
2023-05-20 18:55:11 +00:00
|
|
|
# Copyright (C) 2014,2015,2020,2021,2023 Leah Rowe <info@minifree.org>
|
2021-05-18 12:56:12 +00:00
|
|
|
#
|
|
|
|
# This program is free software: you can redistribute it and/or modify
|
|
|
|
# it under the terms of the GNU General Public License as published by
|
|
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
|
|
# (at your option) any later version.
|
|
|
|
#
|
|
|
|
# This program is distributed in the hope that it will be useful,
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
# GNU General Public License for more details.
|
|
|
|
#
|
|
|
|
# You should have received a copy of the GNU General Public License
|
|
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
#
|
|
|
|
|
|
|
|
[ "x${DEBUG+set}" = 'xset' ] && set -v
|
|
|
|
set -u -e
|
|
|
|
|
2023-08-23 23:30:07 +00:00
|
|
|
. "include/err.sh"
|
|
|
|
|
2023-05-20 18:55:11 +00:00
|
|
|
grubcfgsdir="resources/grub"
|
2023-05-20 19:07:22 +00:00
|
|
|
keymap=""
|
2023-05-20 18:55:11 +00:00
|
|
|
|
2023-06-13 11:09:01 +00:00
|
|
|
. "${grubcfgsdir}/modules.list"
|
2021-05-18 12:56:12 +00:00
|
|
|
|
2023-05-20 19:07:22 +00:00
|
|
|
main()
|
|
|
|
{
|
|
|
|
printf "Creating GRUB payloads and configuration files\n"
|
2021-05-18 12:56:12 +00:00
|
|
|
|
2023-08-23 23:30:07 +00:00
|
|
|
handle_dependencies
|
2021-05-18 12:56:12 +00:00
|
|
|
|
2023-05-20 19:07:22 +00:00
|
|
|
# Separate GRUB payload per keymap to save space in ROM.
|
|
|
|
for keylayoutfile in ${grubcfgsdir}/keymap/*.gkb; do
|
2023-08-23 23:30:07 +00:00
|
|
|
[ -f "${keylayoutfile}" ] || continue
|
2023-05-20 19:10:19 +00:00
|
|
|
build_grub_payloads "${keylayoutfile}"
|
2023-05-20 19:07:22 +00:00
|
|
|
done
|
2021-05-18 12:56:12 +00:00
|
|
|
|
consolidate u-boot/seabios/coreboot build scripts
See file:
resources/scripts/build/defconfig/for
It is based on:
resources/scripts/build/payload/u-boot
The u-boot payload script has been deleted, as has the
seabios payload script; the build/boot/roms logic has
been heavily simplified too, by removing the logic for
building of elf files based on defconfig.
SeaBIOS, U-Boot and coreboot all use defconfig-type
infrastructure for their build systems, and they are
fundamentally the *same* in how to compile each codebase,
at least in an lbmk context, regardless of actual (and
very huge) differences in these codebases.
Several hundred sources-lines of code have been eliminated
by this change, drastically simplifying everything; U-Boot
payload compiling also now errors out when a single build
fails, instead of continuing. Also: build/boot/roms no longer
re-compiles a coreboot target that was already compiled,
which is the same behaviour observed for payloads.
(this means you must now manually delete a target, when you
wish to re-build it; the build/boot/roms logic now more or
less just runs cbfstool; blobutil is handled from
build/defconfig/for)
ALSO: Since crossgcc is now handled by build/defconfig/for, not
build/boot/roms, standalone compiling of u-boot is now possible.
This has been tested. You compile it like so:
./build defconfig for u-boot
or specific trees, e.g.
./build defconfig for u-boot default
One other consequence of this patch is that re-building the same
ROM image is now much faster, because the same builds are re-used
unless deleted. This could be useful when testing grub.cfg changes,
for example, if that's all you change. With things like ccache used
(not yet used robustly in lbmk), this could speed things up more,
depending on the codebase.
This patch demonstrates the raw power of lbmk; it is a very
simple and highly efficient build system, and now much more so!
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-17 22:27:30 +00:00
|
|
|
printf "Done! Check elf/grub/ to see the files.\n\n"
|
2023-05-20 19:07:22 +00:00
|
|
|
}
|
|
|
|
|
2023-08-23 23:30:07 +00:00
|
|
|
handle_dependencies()
|
|
|
|
{
|
|
|
|
[ -d "grub/" ] || \
|
much, much stricter, more verbose error handling
lbmk is much more likely to crash now, in error conditions,
which is a boon for further auditing.
also: in "fetch", remove the downloaded program
if fail() was called.
this would also be done for gnulib, when downloading
grub, but done in such a way that gnulib goes first.
where calls to err write "ERROR" in the string, they
no longer say "ERROR" because the "err" function itself
now does that automatically.
also: listmodes/listoptions (in "lbmk") now reports an
error if no scripts and/or directories are found.
also: where a warning is given, but not an error, i've
gone through in some places and redirected the output
to stderr, not stdout
as part of error checks: running anything as root, except
for the "./build dependencies *" commands, is no longer
permitted and lbmk will throw an error
mrc downloads: debugfs output no longer redirected to /dev/null,
and stderr no longer redirected to stdout. everything is verbose.
certain non-error states are also more verbose. for example,
patch_rom in blobs/inject will now state when injection succeeds
certain actual errors(bugs) were fixed:
for example, build/release/roms now correctly prepares the blobs
hash files for a given target, containing only the files and
checksums in the list. Previously, a printf message was included.
Now, with this new code: blobutil/inject rightly verifies hashes.
doing all of this in one giant patch is cleaner
than 100 patches changing each file. even this is yet part
of a much larger audit going on in the Libreboot project.
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-24 19:19:41 +00:00
|
|
|
./fetch grub || \
|
|
|
|
err "handle_dependencies: cannot fetch grub"
|
2023-08-23 23:30:07 +00:00
|
|
|
[ -f "grub/grub-mkstandalone" ] || \
|
much, much stricter, more verbose error handling
lbmk is much more likely to crash now, in error conditions,
which is a boon for further auditing.
also: in "fetch", remove the downloaded program
if fail() was called.
this would also be done for gnulib, when downloading
grub, but done in such a way that gnulib goes first.
where calls to err write "ERROR" in the string, they
no longer say "ERROR" because the "err" function itself
now does that automatically.
also: listmodes/listoptions (in "lbmk") now reports an
error if no scripts and/or directories are found.
also: where a warning is given, but not an error, i've
gone through in some places and redirected the output
to stderr, not stdout
as part of error checks: running anything as root, except
for the "./build dependencies *" commands, is no longer
permitted and lbmk will throw an error
mrc downloads: debugfs output no longer redirected to /dev/null,
and stderr no longer redirected to stdout. everything is verbose.
certain non-error states are also more verbose. for example,
patch_rom in blobs/inject will now state when injection succeeds
certain actual errors(bugs) were fixed:
for example, build/release/roms now correctly prepares the blobs
hash files for a given target, containing only the files and
checksums in the list. Previously, a printf message was included.
Now, with this new code: blobutil/inject rightly verifies hashes.
doing all of this in one giant patch is cleaner
than 100 patches changing each file. even this is yet part
of a much larger audit going on in the Libreboot project.
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-24 19:19:41 +00:00
|
|
|
./build grub utils || \
|
|
|
|
err "handle_dependencies: cannot build grub utils"
|
2023-08-23 23:30:07 +00:00
|
|
|
[ -d "elf/grub" ] || \
|
much, much stricter, more verbose error handling
lbmk is much more likely to crash now, in error conditions,
which is a boon for further auditing.
also: in "fetch", remove the downloaded program
if fail() was called.
this would also be done for gnulib, when downloading
grub, but done in such a way that gnulib goes first.
where calls to err write "ERROR" in the string, they
no longer say "ERROR" because the "err" function itself
now does that automatically.
also: listmodes/listoptions (in "lbmk") now reports an
error if no scripts and/or directories are found.
also: where a warning is given, but not an error, i've
gone through in some places and redirected the output
to stderr, not stdout
as part of error checks: running anything as root, except
for the "./build dependencies *" commands, is no longer
permitted and lbmk will throw an error
mrc downloads: debugfs output no longer redirected to /dev/null,
and stderr no longer redirected to stdout. everything is verbose.
certain non-error states are also more verbose. for example,
patch_rom in blobs/inject will now state when injection succeeds
certain actual errors(bugs) were fixed:
for example, build/release/roms now correctly prepares the blobs
hash files for a given target, containing only the files and
checksums in the list. Previously, a printf message was included.
Now, with this new code: blobutil/inject rightly verifies hashes.
doing all of this in one giant patch is cleaner
than 100 patches changing each file. even this is yet part
of a much larger audit going on in the Libreboot project.
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-24 19:19:41 +00:00
|
|
|
mkdir -p elf/grub || \
|
|
|
|
err "handle_dependencies: cannot mkdir elf/grub"
|
|
|
|
rm -f elf/grub/* || \
|
|
|
|
err "handle_dependencies: cannot rm inside: elf/grub/"
|
2023-08-23 23:30:07 +00:00
|
|
|
}
|
|
|
|
|
2023-05-20 19:10:19 +00:00
|
|
|
build_grub_payloads()
|
2023-05-20 19:07:22 +00:00
|
|
|
{
|
|
|
|
keylayoutfile=${1}
|
2023-08-21 18:41:49 +00:00
|
|
|
[ -f "${keylayoutfile}" ] || continue
|
2021-05-18 12:56:12 +00:00
|
|
|
|
2023-05-20 18:55:11 +00:00
|
|
|
keymap="${keylayoutfile##${grubcfgsdir}/keymap/}"
|
2021-05-18 12:56:12 +00:00
|
|
|
keymap="${keymap%.gkb}"
|
|
|
|
|
2023-05-20 19:07:22 +00:00
|
|
|
build_grub_elf "${keylayoutfile}"
|
2023-05-20 19:10:19 +00:00
|
|
|
create_grub_config
|
2023-05-20 19:07:22 +00:00
|
|
|
|
2023-08-21 18:41:49 +00:00
|
|
|
printf "Created 'elf/grub/grub_%s.elf' and configs.'\n" "${keymap}"
|
2023-05-20 19:07:22 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
build_grub_elf()
|
|
|
|
{
|
|
|
|
keylayoutfile=${1}
|
|
|
|
|
2023-05-20 18:55:11 +00:00
|
|
|
gcfg="/boot/grub/grub.cfg=${grubcfgsdir}"
|
|
|
|
gcfg="${gcfg}/config/grub_memdisk.cfg"
|
|
|
|
grubk="/boot/grub/layouts/${keymap}.gkb=${keylayoutfile}"
|
2021-05-18 12:56:12 +00:00
|
|
|
grub/grub-mkstandalone \
|
2023-08-21 18:41:49 +00:00
|
|
|
--grub-mkimage="grub/grub-mkimage" \
|
|
|
|
-O i386-coreboot \
|
2023-08-27 08:25:50 +00:00
|
|
|
-o "elf/grub/grub_${keymap}.elf" \
|
2023-08-21 18:41:49 +00:00
|
|
|
-d grub/grub-core/ \
|
|
|
|
--fonts= --themes= --locales= \
|
|
|
|
--modules="${grub_modules}" \
|
|
|
|
--install-modules="${grub_install_modules}" \
|
2023-08-27 08:25:50 +00:00
|
|
|
"${gcfg}" "${grubk}" || \
|
much, much stricter, more verbose error handling
lbmk is much more likely to crash now, in error conditions,
which is a boon for further auditing.
also: in "fetch", remove the downloaded program
if fail() was called.
this would also be done for gnulib, when downloading
grub, but done in such a way that gnulib goes first.
where calls to err write "ERROR" in the string, they
no longer say "ERROR" because the "err" function itself
now does that automatically.
also: listmodes/listoptions (in "lbmk") now reports an
error if no scripts and/or directories are found.
also: where a warning is given, but not an error, i've
gone through in some places and redirected the output
to stderr, not stdout
as part of error checks: running anything as root, except
for the "./build dependencies *" commands, is no longer
permitted and lbmk will throw an error
mrc downloads: debugfs output no longer redirected to /dev/null,
and stderr no longer redirected to stdout. everything is verbose.
certain non-error states are also more verbose. for example,
patch_rom in blobs/inject will now state when injection succeeds
certain actual errors(bugs) were fixed:
for example, build/release/roms now correctly prepares the blobs
hash files for a given target, containing only the files and
checksums in the list. Previously, a printf message was included.
Now, with this new code: blobutil/inject rightly verifies hashes.
doing all of this in one giant patch is cleaner
than 100 patches changing each file. even this is yet part
of a much larger audit going on in the Libreboot project.
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-24 19:19:41 +00:00
|
|
|
err "build_grub_elf: cannot build grub payload (grub-mkstandalone)"
|
2023-05-20 19:07:22 +00:00
|
|
|
}
|
2021-05-18 12:56:12 +00:00
|
|
|
|
2023-05-20 19:10:19 +00:00
|
|
|
create_grub_config()
|
2023-05-20 19:07:22 +00:00
|
|
|
{
|
2023-08-27 08:25:50 +00:00
|
|
|
sed "s/usqwerty/${keymap}/" < "${grubcfgsdir}/config/grub.cfg" \
|
|
|
|
> "elf/grub/grub_${keymap}.cfg" || \
|
much, much stricter, more verbose error handling
lbmk is much more likely to crash now, in error conditions,
which is a boon for further auditing.
also: in "fetch", remove the downloaded program
if fail() was called.
this would also be done for gnulib, when downloading
grub, but done in such a way that gnulib goes first.
where calls to err write "ERROR" in the string, they
no longer say "ERROR" because the "err" function itself
now does that automatically.
also: listmodes/listoptions (in "lbmk") now reports an
error if no scripts and/or directories are found.
also: where a warning is given, but not an error, i've
gone through in some places and redirected the output
to stderr, not stdout
as part of error checks: running anything as root, except
for the "./build dependencies *" commands, is no longer
permitted and lbmk will throw an error
mrc downloads: debugfs output no longer redirected to /dev/null,
and stderr no longer redirected to stdout. everything is verbose.
certain non-error states are also more verbose. for example,
patch_rom in blobs/inject will now state when injection succeeds
certain actual errors(bugs) were fixed:
for example, build/release/roms now correctly prepares the blobs
hash files for a given target, containing only the files and
checksums in the list. Previously, a printf message was included.
Now, with this new code: blobutil/inject rightly verifies hashes.
doing all of this in one giant patch is cleaner
than 100 patches changing each file. even this is yet part
of a much larger audit going on in the Libreboot project.
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-24 19:19:41 +00:00
|
|
|
err "create_grub_config: sed failed: grub.cfg"
|
2023-08-27 08:25:50 +00:00
|
|
|
sed "s/grubtest.cfg/grub.cfg/" < "elf/grub/grub_${keymap}.cfg" \
|
|
|
|
> "elf/grub/grub_${keymap}_test.cfg" || \
|
much, much stricter, more verbose error handling
lbmk is much more likely to crash now, in error conditions,
which is a boon for further auditing.
also: in "fetch", remove the downloaded program
if fail() was called.
this would also be done for gnulib, when downloading
grub, but done in such a way that gnulib goes first.
where calls to err write "ERROR" in the string, they
no longer say "ERROR" because the "err" function itself
now does that automatically.
also: listmodes/listoptions (in "lbmk") now reports an
error if no scripts and/or directories are found.
also: where a warning is given, but not an error, i've
gone through in some places and redirected the output
to stderr, not stdout
as part of error checks: running anything as root, except
for the "./build dependencies *" commands, is no longer
permitted and lbmk will throw an error
mrc downloads: debugfs output no longer redirected to /dev/null,
and stderr no longer redirected to stdout. everything is verbose.
certain non-error states are also more verbose. for example,
patch_rom in blobs/inject will now state when injection succeeds
certain actual errors(bugs) were fixed:
for example, build/release/roms now correctly prepares the blobs
hash files for a given target, containing only the files and
checksums in the list. Previously, a printf message was included.
Now, with this new code: blobutil/inject rightly verifies hashes.
doing all of this in one giant patch is cleaner
than 100 patches changing each file. even this is yet part
of a much larger audit going on in the Libreboot project.
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-24 19:19:41 +00:00
|
|
|
err "create_grub_config: sed failed: grubtest.cfg"
|
2023-05-20 19:07:22 +00:00
|
|
|
}
|
2021-05-18 12:56:12 +00:00
|
|
|
|
2023-05-20 19:07:22 +00:00
|
|
|
main $@
|