blobs/inject: fix checksum validation if no-ucode
on e6400_4mb, the release build scripts remove nvidia's vga rom which is used on dgpu models. however, microcode is also removed in separately copied rom images the inject script was inserting vgaroms directly into these no-microcode roms, but the microcode blob is bigger than the vga rom, and cbfstool inserts into the first available free spot within cbfs, so it was inserting into the spot where cpu microcode went. this caused the rom checksum to not match what was generated during build/release/roms being executed the only real fix is to guarantee offsets within cbfs for all files, by recording what offsets were used and then calculating that during insertion so this patch is a workaround, but fixes the issue. the workaround is: don't insert blobs directly on no-microcode roms, instead insert only on microcode-based roms, then re-copy those roms and remove microcode in aptly named copies it's a bit more convoluted, but works perfectly fine. Signed-off-by: Leah Rowe <leah@libreboot.org>btrfsvols
Leah Rowe
parent
f989d5b434
commit
20be007f5b
|
|
@ -9,6 +9,8 @@
|
|||
. "include/defconfig.sh"
|
||||
. "include/blobutil.sh"
|
||||
|
||||
release_archive="n"
|
||||
|
||||
main()
|
||||
{
|
||||
sname="${0}"
|
||||
|
|
@ -103,8 +105,10 @@ build_dependencies()
|
|||
|
||||
inject_blobs()
|
||||
{
|
||||
release_archive="n"
|
||||
if [ "${release}" = "true" ]; then
|
||||
printf "patching release file\n"
|
||||
release_archive="y"
|
||||
patch_release_roms
|
||||
else
|
||||
patch_rom "${rom}" || \
|
||||
|
|
@ -124,13 +128,22 @@ patch_release_roms()
|
|||
echo "patching rom $x"
|
||||
patch_rom "${x}" || err "patch_release_roms: could not patch ${x}"
|
||||
done
|
||||
for x in "${_tmpdir}"/bin/*/*_nomicrocode.rom ; do
|
||||
[ -f "${x}" ] || continue
|
||||
[ -f "${x%_nomicrocode.rom}.rom" ] || continue
|
||||
|
||||
cp "${x%_nomicrocode.rom}.rom" "${x}" || \
|
||||
err "patch_release_roms: ${x}: can't overwrite no-ucode rom"
|
||||
"${cbfstool}" "${x}" remove -n cpu_microcode_blob.bin || \
|
||||
err "patch_release_roms: ${x}: cannot remove u-code"
|
||||
done
|
||||
|
||||
(
|
||||
cd "${_tmpdir}"/bin/*
|
||||
|
||||
# NOTE: For compatibility with older rom releases, defer to sha1
|
||||
sha512sum --status -c blobhashes || \
|
||||
sha1sum --statuc -c blobhashes || \
|
||||
sha1sum --status -c blobhashes || \
|
||||
err "patch_release_roms: ROMs did not match expected hashes"
|
||||
)
|
||||
|
||||
|
|
@ -154,6 +167,16 @@ patch_rom()
|
|||
{
|
||||
rom="${1}"
|
||||
|
||||
# we don't process no-microcode roms; these are
|
||||
# instead re-created at the end, after re-inserting
|
||||
# on roms with microcode, by copying and then removing,
|
||||
# so that the hashes will match (otherwise, cbfstool
|
||||
# may sometimes insert certain blobs at the wrong offset)
|
||||
# (unless nomicrocode is the only config provided)
|
||||
[ "${rom}" != "${rom%_nomicrocode.rom}.rom" ] && \
|
||||
[ -f "${rom%_nomicrocode.rom}.rom" ] && \
|
||||
[ "${release_archive}" = "y" ] && return 0
|
||||
|
||||
check_defconfig "${boarddir}" || exit 1
|
||||
set -- "${boarddir}/config/"*
|
||||
. "${1}" 2>/dev/null
|
||||
|
|
|
|||
Loading…
Reference in New Issue