update/blobs/*: unified download/checksum logic

Use the same logic between blobs/download and blobs/mrc. The logic is taken from blobs/download. Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-29 03:20:02 +01:00 · 2023-09-29 03:20:02 +01:00 · 0bb3c59620
parent 5d934be7b0
commit 0bb3c59620
4 changed files with 64 additions and 90 deletions
--- a/include/blobutil.sh
+++ b/include/blobutil.sh
@ -1,8 +1,6 @@
 # SPDX-License-Identifier: GPL-3.0-only
 # SPDX-FileCopyrightText: 2023 Leah Rowe <leah@libreboot.org>

-agent="Mozilla/5.0 (Windows NT 10.0; rv:91.0) Gecko/20100101 Firefox/91.0"
-
 _7ztest="a"

 _b=""
@ -10,10 +8,9 @@ blobdir="blobs"
 appdir="${blobdir}/app"

 setvars="EC_url=\"\""
-for x in EC_url_bkup EC_hash DL_hash DL_url DL_url_bkup dl_path \
-    E6400_VGA_DL_hash E6400_VGA_DL_url E6400_VGA_DL_url_bkup E6400_VGA_offset \
-    E6400_VGA_romname SCH5545EC_DL_url SCH5545EC_DL_url_bkup \
-    SCH5545EC_DL_hash; do
+for x in EC_url_bkup EC_hash DL_hash DL_url DL_url_bkup E6400_VGA_DL_hash \
+    E6400_VGA_DL_url E6400_VGA_DL_url_bkup E6400_VGA_offset E6400_VGA_romname \
+    SCH5545EC_DL_url SCH5545EC_DL_url_bkup SCH5545EC_DL_hash; do
 	setvars="${setvars}; ${x}=\"\""
 done

--- a/include/fetch.sh
+++ b/include/fetch.sh
@ -0,0 +1,41 @@
+# SPDX-License-Identifier: GPL-3.0-only
+# SPDX-FileCopyrightText: 2023 Leah Rowe <leah@libreboot.org>
+
+agent="Mozilla/5.0 (Windows NT 10.0; rv:91.0) Gecko/20100101 Firefox/91.0"
+dl_path=""
+
+fetch()
+{
+	dl_type="${1}"
+	dl="${2}"
+	dl_bkup="${3}"
+	dlsum="${4}"
+	dl_path="${5}"
+	_fail="${6}"
+
+	mkdir -p "${dl_path%/*}" || "${_fail}" "fetch: !mkdir ${dl_path%/*}"
+
+	dl_fail="y"
+	vendor_checksum "${dlsum}" "${dl_path}" && dl_fail="n"
+	for url in "${dl}" "${dl_bkup}"; do
+		[ "${dl_fail}" = "n" ] && break
+		[ -z "${url}" ] && continue
+		rm -f "${dl_path}" || "${_fail}" "fetch: !rm -f ${dl_path}"
+		wget --tries 3 -U "${agent}" "${url}" -O "${dl_path}" || \
+		    continue
+		vendor_checksum "${dlsum}" "${dl_path}" && dl_fail="n"
+	done
+	[ "${dl_fail}" = "y" ] && \
+		"${_fail}" "fetch ${dlsum}: matched file unavailable"
+
+	eval "extract_${dl_type}"
+}
+
+vendor_checksum()
+{
+	if [ "$(sha512sum ${2} | awk '{print $1}')" != "${1}" ]; then
+		printf "Bad checksum for file: %s\n" "${2}" 1>&2
+		rm -f "${2}" || :
+		return 1
+	fi
+}
--- a/script/update/blobs/download
+++ b/script/update/blobs/download
@ -7,6 +7,7 @@
 . "include/err.sh"
 . "include/defconfig.sh"
 . "include/blobutil.sh"
+. "include/fetch.sh"

 main()
 {
@ -66,58 +67,24 @@ build_dependencies()
 download_blobs()
 {
 	[ -z "${CONFIG_HAVE_ME_BIN}" ] || \
-		fetch "intel_me" "${DL_url}" "${DL_url_bkup}" "${DL_hash}"
+		fetch "intel_me" "${DL_url}" "${DL_url_bkup}" "${DL_hash}" \
+		    "${blobdir}/cache/${DL_hash}" "err"
 	[ -z "${CONFIG_INCLUDE_SMSC_SCH5545_EC_FW}" ] || \
 		fetch "sch5545ec" "${SCH5545EC_DL_url}" \
-		    "${SCH5545EC_DL_url_bkup}" "${SCH5545EC_DL_hash}"
+		    "${SCH5545EC_DL_url_bkup}" "${SCH5545EC_DL_hash}" \
+		    "${blobdir}/cache/${SCH5545EC_DL_hash}" "err"
 	[ -z "${CONFIG_KBC1126_FIRMWARE}" ] || \
-		fetch "kbc1126ec" "${EC_url}" "${EC_url_bkup}" "${EC_hash}"
+		fetch "kbc1126ec" "${EC_url}" "${EC_url_bkup}" "${EC_hash}" \
+		    "${blobdir}/cache/${EC_hash}" "err"
 	[ -z "${CONFIG_VGA_BIOS_FILE}" ] || \
 		fetch "e6400vga" "${E6400_VGA_DL_url}" \
-		    "${E6400_VGA_DL_url_bkup}" "${E6400_VGA_DL_hash}"
+		    "${E6400_VGA_DL_url_bkup}" "${E6400_VGA_DL_hash}" \
+		    "${blobdir}/cache/${E6400_VGA_DL_hash}" "err"
 	if [ ! -z "${CONFIG_HAVE_MRC}" ]; then
 		./update blobs mrc || err "download_blobs ${board}: !mrc"
 	fi
 }

-fetch()
-{
-	dl_type="${1}"
-	dl="${2}"
-	dl_bkup="${3}"
-	dlsum="${4}"
-
-	dl_path="${blobdir}/cache/${dlsum}"
-	mkdir -p "${blobdir}/cache" || err "fetch: !mkdir ${blobdir}/cache"
-
-	dl_fail="y"
-	vendor_checksum "${dlsum}" && dl_fail="n"
-	for x in "${dl}" "${dl_bkup}"; do
-		[ "${dl_fail}" = "n" ] && break
-		[ -z "${x}" ] && continue
-		rm -f "${dl_path}" || err "fetch: !rm -f ${dl_path}"
-		wget --tries 3 -U "${agent}" "${x}" -O "${dl_path}" || continue
-		vendor_checksum "${dlsum}" && dl_fail="n"
-	done
-	if [ "${dl_fail}" = "y" ]; then
-		printf "ERROR: invalid vendor updates for: %s\n" "${board}" 1>&2
-		err "fetch ${dlsum}: matched vendor update unavailable"
-	fi
-
-	eval "extract_${dl_type}"
-}
-
-vendor_checksum()
-{
-	if [ ! -f "${dl_path}" ]; then
-		printf "Vendor update not found for: %s\n" "${board}" 1>&2
-		return 1
-	elif [ "$(sha512sum ${dl_path} | awk '{print $1}')" != "${1}" ]; then
-		printf "Bad checksum on vendor update for: %s\n" "${board}" 1>&2
-		return 1
-	fi
-}
-
 extract_intel_me()
 {
 	_me_destination=${CONFIG_ME_BIN_PATH#../../}
--- a/script/update/blobs/mrc
+++ b/script/update/blobs/mrc
@ -9,6 +9,7 @@
 set -u -e

 . "include/err.sh"
+. "include/fetch.sh"

 export PATH="${PATH}:/sbin"

@ -43,20 +44,10 @@ main()
 	sname=${0}
 	printf "Downloading Intel MRC blobs\n"

-	check_existing || return 0
+	vendor_checksum "${_mrc_complete_hash}" "${_mrc_complete}" && return 0
 	build_dependencies
-	fetch_mrc || err "could not fetch mrc.bin"
-}
-
-check_existing()
-{
-	[ -f "${_mrc_complete}" ] || \
-		return 0
-	printf "found existing mrc.bin\n" 1>&2
-	[ "$(sha512sum "${_mrc_complete}" | awk '{print $1}')" \
-	    = "${_mrc_complete_hash}" ] && \
-		return 1
-	printf "hashes did not match, starting over\n" 1>&2
+	fetch "mrc" "${_url}" "${_url2}" "${_sha512sum}" \
+	    "mrc/haswell/${_file}.zip" "err"
 }

 build_dependencies()
@ -67,18 +58,15 @@ build_dependencies()
 	    err "build_dependencies: cannot build cbutils/default"
 }

-fetch_mrc()
+extract_mrc()
 {
-	mkdir -p mrc/haswell/ || err "fetch_mrc: !mkdir mrc/haswell"
+	mkdir -p mrc/haswell/ || err "extract_mrc: !mkdir mrc/haswell"

 	(
-	cd mrc/haswell/ || err "fetch_mrc: !cd mrc/haswell"
+	cd mrc/haswell/ || err "extract_mrc: !cd mrc/haswell"

-	download_image "${_url}" "${_file}" "${_sha512sum}"
-	[ -f ${_file} ] || \
-		download_image "${_url2}" "${_file}" "${_sha512sum}"
-	[ -f $_file ] || \
-		err "fetch_mrc: ${_file} not downloaded / verification failed."
+	unzip -q "${_file}.zip" || err "download_image: cannot unzip"
+	rm -f "${_file}.zip" || err "download_image: can't rm zip {1}"

 	extract_partition ROOT-A "${_file}" root-a.ext2
 	extract_shellball root-a.ext2 chromeos-firmwareupdate-${_board}
@ -86,33 +74,14 @@ fetch_mrc()
 	extract_coreboot chromeos-firmwareupdate-${_board}

 	../../"${cbfstool}" coreboot-*.bin extract -f mrc.bin -n mrc.bin \
-	    -r RO_SECTION || err "fetch_mrc: could not fetch mrc.bin"
+	    -r RO_SECTION || err "extract_mrc: could not fetch mrc.bin"
 	rm -f "chromeos-firmwareupdate-${_board}" coreboot-*.bin \
-	    "${_file}" "root-a.ext2" || err "fetch_mrc: cannot remove files"
+	    "${_file}" "root-a.ext2" || err "extract_mrc: cannot remove files"

 	printf "\n\nmrc.bin saved to ${_mrc_complete}\n\n"
 	)
 }

-download_image()
-{
-	url=${1}
-	_file=${2}
-	_sha512sum=${3}
-
-	printf "Downloading recovery image\n"
-	curl --retry 3 "$url" > "$_file.zip" || err "download_image: curl failed"
-	printf "Verifying recovery image checksum\n"
-	if [ "$(sha512sum "${_file}.zip" | awk '{print $1}')" = "${_sha512sum}" ]
-	then
-		unzip -q "${_file}.zip" || err "download_image: cannot unzip"
-		rm -f "${_file}.zip" || err "download_image: can't rm zip {1}"
-		return 0
-	fi
-	rm -f "${_file}.zip" || err "download_image: bad hash, and can't rm zip"
-	err "download_image: Bad checksum. Recovery image deleted"
-}
-
 extract_partition()
 {
 	NAME=${1}