lbmk/script/update/blobs/inject

#!/usr/bin/env sh

# SPDX-FileCopyrightText: 2022 Caleb La Grange <thonkpeasant@protonmail.com>
# SPDX-FileCopyrightText: 2022 Ferass El Hafidi <vitali64pmemail@protonmail.com>
# SPDX-FileCopyrightText: 2023 Leah Rowe <info@minifree.org>
# SPDX-License-Identifier: GPL-3.0-only

. "include/err.sh"

sname=""
archive=""
_filetype=""
rom=""
board=""
modifygbe=""
new_mac=""
release=""
releasearchive=""

cbdir="coreboot/default"
cbcfgsdir="resources/coreboot"
ifdtool="cbutils/default/ifdtool"
cbfstool="cbutils/default/cbfstool"
nvmutil="util/nvmutil/nvm"
boarddir=""
pciromsdir="pciroms"

CONFIG_HAVE_MRC=""
CONFIG_HAVE_ME_BIN=""
CONFIG_ME_BIN_PATH=""
CONFIG_KBC1126_FIRMWARE=""
CONFIG_KBC1126_FW1=""
CONFIG_KBC1126_FW1_OFFSET=""
CONFIG_KBC1126_FW2=""
CONFIG_KBC1126_FW2_OFFSET=""
CONFIG_VGA_BIOS_FILE=""
CONFIG_VGA_BIOS_ID=""
CONFIG_GBE_BIN_PATH=""
CONFIG_INCLUDE_SMSC_SCH5545_EC_FW=""
CONFIG_SMSC_SCH5545_EC_FW_FILE=""

main()
{
	sname="${0}"

	[ $# -lt 1 ] && err "No options specified."
	[ "${1}" = "listboards" ] && \
		./build command options resources/coreboot && exit 0

	archive="${1}"

	while getopts r:b:m: option
	do
		case "${option}" in
		r)
			rom=${OPTARG} ;;
		b)
			board=${OPTARG} ;;
		m)
			modifygbe=true
			new_mac=${OPTARG} ;;
		esac
	done

	check_board
	build_dependencies
	inject_blobs

	printf "Friendly reminder (this is *not* an error message):\n"
	printf "Please always ensure that the files were inserted correctly.\n"
	printf "Read: https://libreboot.org/docs/install/ivy_has_common.html\n"
}

check_board()
{
	if ! check_release "${archive}" ; then
		[ -f "${rom}" ] || \
			err "check_board: \"${rom}\" is not a valid path"
		[ -z ${rom+x} ] && \
			err "check_board: no rom specified"
		[ ! -z ${board+x} ] || \
			board=$(detect_board "${rom}")
	else
		release=true
		releasearchive="${archive}"
		board=$(detect_board "${archive}")
	fi

	boarddir="${cbcfgsdir}/${board}"
	if [ ! -d "${boarddir}" ]; then
		err "check_board: board ${board} not found"
	fi
}

check_release()
{
	[ -f "${archive}" ] || return 1
	[ "${archive##*.}" = "xz" ] || return 1
	printf "%s\n" "Release archive ${archive} detected"
}

# This function tries to determine the board from the filename of the rom.
# It will only succeed if the filename is not changed from the build/download
detect_board()
{
	path="${1}"
	filename=$(basename ${path})
	case ${filename} in
	grub_*)
		board=$(echo "${filename}" | cut -d '_' -f2-3) ;;
	seabios_withgrub_*)
		board=$(echo "${filename}" | cut -d '_' -f3-4) ;;
	*.tar.xz)
		_stripped_prefix=${filename#*_}
		board="${_stripped_prefix%.tar.xz}" ;;
	*)
		err "detect_board: could not detect board type"
	esac	
	[ -d "${boarddir}/" ] || \
	    err "detect_board: dir, ${boarddir}, doesn't exist"
	printf '%s\n' "${board}"
}

build_dependencies()
{
	[ -d "${cbdir}" ] || ./update project trees coreboot default || \
	    err "build_dependencies: could not download coreboot/default"
	./build coreboot utils default || \
	    err "build_dependencies: could not build cbutils"
	./update blobs download ${board} || \
	    err "build_dependencies: Could not download blobs for ${board}"
}

inject_blobs()
{
	if [ "${release}" = "true" ]; then
		printf "patching release file\n"
		patch_release_roms
	else
		patch_rom "${rom}" || \
		    err "inject_blobs: could not patch ${x}"
	fi
}

patch_release_roms()
{
	_tmpdir=$(mktemp -d "/tmp/${board}_tmpXXXX")
	tar xf "${releasearchive}" -C "${_tmpdir}" || \
	    err "patch_release_roms: could not extract release archive"

	for x in "${_tmpdir}"/bin/*/*.rom ; do
		echo "patching rom $x"
		patch_rom "${x}" || err "patch_release_roms: could not patch ${x}"
	done

	(
	cd "${_tmpdir}"/bin/*
	sha1sum --status -c blobhashes || \
	    err "patch_release_roms: ROMs did not match expected hashes"
	)

	if [ "${modifygbe}" = "true" ]; then
		for x in "${_tmpdir}"/bin/*/*.rom ; do
			modify_gbe "${x}"
		done
	fi

	[ -d bin/release ] || mkdir -p bin/release || \
	    err "patch_release_roms: !mkdir -p bin/release"
	mv "${_tmpdir}"/bin/* bin/release/ || \
	    err "patch_release_roms: !mv ${_tmpdir}/bin/* bin/release/"

	printf "Success! Your ROMs are in bin/release\n"

	rm -Rf "${_tmpdir}" || err "patch_release_roms: !rm -Rf ${_tmpdir}"
}

patch_rom()
{
	rom="${1}"

	no_config="printf \"No configs on target, %s\\n\" ${board} 1>&2; exit 1"
	for x in "${boarddir}"/config/*; do
		[ -f "${x}" ] && no_config=""
	done
	eval "${no_config}"

	[ -f "${boarddir}/target.cfg" ] || \
	    err "patch_rom: file missing: ${boarddir}/target.cfg"

	set -- "${boarddir}/config/"*
	. "${1}" 2>/dev/null
	. "${boarddir}/target.cfg"

	[ "$CONFIG_HAVE_MRC" = "y" ] && \
		inject_blob_intel_mrc "${rom}"
	[ "${CONFIG_HAVE_ME_BIN}" = "y" ] && \
		inject_blob_intel_me "${rom}"
	[ "${CONFIG_KBC1126_FIRMWARE}" = "y" ] && \
		inject_blob_hp_kbc1126_ec "${rom}"
	[ "${CONFIG_VGA_BIOS_FILE}" != "" ] && \
	    [ "${CONFIG_VGA_BIOS_ID}" != "" ] && \
		inject_blob_dell_e6400_vgarom_nvidia "${rom}"
	[ "${CONFIG_INCLUDE_SMSC_SCH5545_EC_FW}" = "y" ] && \
	    [ "${CONFIG_SMSC_SCH5545_EC_FW_FILE}" != "" ] && \
		inject_blob_smsc_sch5545_ec "${rom}"
	[ "${modifygbe}" = "true" ] && ! [ "${release}" = "true" ] && \
		modify_gbe "${rom}"

	printf "ROM image successfully patched: %s\n" "${rom}"
}

inject_blob_intel_mrc()
{
	rom="${1}"

	printf 'adding mrc\n'

	# mrc.bin must be inserted at a specific offset. the only
	# libreboot platform that needs it, at present, is haswell

	# in cbfstool, -b values above 0x80000000 are interpreted as
	# top-aligned x86 memory locations. this is converted into an
	# absolute offset within the flash, and inserted accordingly
	# at that offset into the ROM image file

	# coreboot's own build system hardcodes the mrc.bin offset
	# because there is only one correct location in memory, but
	# it would be useful for lbmk if it could be easily scanned
	# from Kconfig, with the option to change it where in practise
	# it is not changed

	# the hardcoded offset below is based upon reading of the coreboot
	# source code, and it is *always* correct for haswell platform.
	# TODO: this logic should be tweaked to handle more platforms

	"${cbfstool}" "${rom}" add -f mrc/haswell/mrc.bin -n mrc.bin -t mrc \
	    -b 0xfffa0000 || err "inject_blob_intel_mrc: cannot insert mrc.bin"
}

inject_blob_intel_me()
{
	printf 'adding intel management engine\n'

	rom="${1}"
	[ -z ${CONFIG_ME_BIN_PATH} ] && \
		err "inject_blob_intel_me: CONFIG_ME_BIN_PATH not set"

	_me_location=${CONFIG_ME_BIN_PATH#../../}
	[ ! -f "${_me_location}" ] && \
		err "inject_blob_intel_me: per CONFIG_ME_BIN_PATH: file missing"

	"${ifdtool}" -i me:"${_me_location}" "${rom}" -O "${rom}" || \
	    err "inject_blob_intel_me: cannot insert me.bin"
}

inject_blob_hp_kbc1126_ec()
{
	rom="${1}"

	_ec1_location="${CONFIG_KBC1126_FW1#../../}"
	_ec1_offset="${CONFIG_KBC1126_FW1_OFFSET}"
	_ec2_location="${CONFIG_KBC1126_FW2#../../}"
	_ec2_offset="${CONFIG_KBC1126_FW2_OFFSET}"

	printf "adding hp kbc1126 ec firmware\n"

	if [ "${_ec1_offset}" = "" ] || [ "${_ec1_offset}" = "" ]; then
		err "inject_blob_hp_kbc1126_ec: ${board}: offset not declared"
	fi
	if [ "${_ec1_location}" = "" ] || [ "${_ec2_location}" = "" ]; then
		err "inject_blob_hp_kbc1126_ec: ${board}: EC path not declared"
	fi
	if [ ! -f "${_ec1_location}" ] || [ ! -f "${_ec2_location}" ]; then
		err "inject_blob_hp_kbc1126_ec: ${board}: ecfw not downloaded"
	fi

	"${cbfstool}" "${rom}" add -f "${_ec1_location}" -n ecfw1.bin \
	    -b ${_ec1_offset} -t raw || \
	    err "inject_blob_hp_kbc1126_ec: cannot insert ecfw1.bin"
	"${cbfstool}" "${rom}" add -f "${_ec2_location}" -n ecfw2.bin \
	    -b ${_ec2_offset} -t raw || \
	    err "inject_blob_hp_kbc1126_ec: cannot insert ecfw2.bin"
}

inject_blob_dell_e6400_vgarom_nvidia()
{
	rom="${1}"

	_vga_location="${CONFIG_VGA_BIOS_FILE#../../}"
	_vga_dir="${_vga_location%/*}"
	_vga_filename="${_vga_location##*/}"

	printf "adding pci option rom\n"

	if [ "${_vga_dir}" != "${pciromsdir}" ]; then
		err "inject_blob_dell_e6400vga: invalid pcirom dir: ${_vga_dir}"
	fi
	if [ ! -f "${_vga_location}" ]; then
		err "inject_blob_dell_e6400vga: ${_vga_location} doesn't exist"
	fi

	"${cbfstool}" "${rom}" add -f "${_vga_location}" \
	    -n "pci${CONFIG_VGA_BIOS_ID}.rom" -t optionrom || \
	    err "inject_blob_dell_e6400vga: cannot insert vga oprom"
}

inject_blob_smsc_sch5545_ec()
{
	rom="${1}"

	_sch5545ec_location="${CONFIG_SMSC_SCH5545_EC_FW_FILE#../../}"

	if [ ! -f "${_sch5545ec_location}" ]; then
		err "inject_blob_smsc_sch5545_ec: SCH5545 fw missing"
	fi

	"${cbfstool}" "${rom}" add -f "${_sch5545ec_location}" \
	    -n sch5545_ecfw.bin -t raw || \
	    err "inject_blob_smsc_sch5545_ec: can't insert sch5545_ecfw.bin"
}

modify_gbe()
{
	printf "changing mac address in gbe to ${new_mac}\n"

	rom="${1}"

	[ -z ${CONFIG_GBE_BIN_PATH} ] && \
		err "modify_gbe: ${board}: CONFIG_GBE_BIN_PATH not set"

	_gbe_location=${CONFIG_GBE_BIN_PATH#../../}

	[ -f "${_gbe_location}" ] || \
		err "modify_gbe: CONFIG_GBE_BIN_PATH points to missing file"
	[ -f "${nvmutil}" ] || \
		make -C util/nvmutil || err "modify_gbe: couldn't build nvmutil"

	_gbe_tmp=$(mktemp -t gbeXXXX.bin)
	cp "${_gbe_location}" "${_gbe_tmp}"
	"${nvmutil}" "${_gbe_tmp}" setmac "${new_mac}" || \
	    err "modify_gbe: ${board}: failed to modify mac address"

	"${ifdtool}" -i GbE:"${_gbe_tmp}" "${rom}" -O "${rom}" || \
	    err "modify_gbe: ${board}: cannot insert modified gbe.bin"

	rm -f "${_gbe_tmp}"
}

usage()
{
	cat <<- EOF
	USAGE: ./update blobs inject -r [rom path] -b [boardname] -m [macaddress]
	Example: ./update blobs inject -r x230_12mb.rom -b x230_12mb

	Adding a macadress to the gbe is optional.
	If the [-m] parameter is left blank, the gbe will not be touched.

	Type './update blobs inject listboards' to get a list of valid boards
	EOF
}

main $@