libreboot
/
lbmk
1
0
Fork 0
Code Packages Projects Releases Activity

blobutil/download: cleaner coding style 

consistent indentation, and 80-line character limit
(RFC 2646)

top-down order, a main() is introduced, split into
more functions

non-zero-status exit (with message) now, when a non-
defined target is provided, e.g. nonexistentboard_4mb

puffy!
fsdg20230625
Leah Rowe 2023-05-14 20:06:03 +01:00
parent 557272fa39
commit b74e407806
1 changed files with 196 additions and 151 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

347
resources/scripts/blobs/download
View File

@ -8,13 +8,18 @@
ec_url="" ec_url=""
ec_url_bkup="" ec_url_bkup=""
ec_hash="" ec_hash=""
dl_hash=""
dl_url=""
dl_url_bkup=""
e6400_vga_dl_hash="" e6400_vga_dl_hash=""
e6400_vga_dl_url="" e6400_vga_dl_url=""
e6400_vga_dl_url_bkup="" e6400_vga_dl_url_bkup=""
e6400_vga_offset="" e6400_vga_offset=""
e6400_vga_romname="" e6400_vga_romname=""
cbdir="coreboot/default"
cbcfgsdir="resources/coreboot"
boarddir=""
blobdir="blobs" blobdir="blobs"
dl_path="${blobdir}/vendorupdate" dl_path="${blobdir}/vendorupdate"
appdir="${blobdir}/app" appdir="${blobdir}/app"
@ -22,174 +27,196 @@ _7ztest="a"
mecleaner="$(pwd)/me_cleaner/me_cleaner.py" mecleaner="$(pwd)/me_cleaner/me_cleaner.py"
e6400_unpack="$(pwd)/bios_extract/dell_inspiron_1100_unpacker.py" e6400_unpack="$(pwd)/bios_extract/dell_inspiron_1100_unpacker.py"
me7updateparser="$(pwd)/resources/blobs/me7_update_parser.py" me7updateparser="$(pwd)/resources/blobs/me7_update_parser.py"
kbc1126_ec_dump="$(pwd)/coreboot/default/util/kbc1126/kbc1126_ec_dump" kbc1126_ec_dump="$(pwd)/${cbdir}/util/kbc1126/kbc1126_ec_dump"
board="${1}" board=""
# A shorthand for each board, to avoid duplicating configs per flash size _b="" # board shorthand without e.g. _4mb (avoid duplication per flash size)
board_short=${board%%_*mb}
set -- "resources/coreboot/${board}/config/*" CONFIG_HAVE_MRC=""
. ${1} 2>/dev/null CONFIG_HAVE_IFD_BIN=""
. "resources/coreboot/${board}/board.cfg" CONFIG_HAVE_ME_BIN=""
CONFIG_HAVE_GBE_BIN=""
CONFIG_KBC1126_FIRMWARE=""
CONFIG_BOARD_DELL_E6400=""
CONFIG_VGA_BIOS_FILE=""
if [ "${CONFIG_HAVE_MRC}" = "y" ]; then main()
printf 'haswell board detected, downloading mrc\n' {
needs="${needs} MRC" board="${1}"
fi boarddir="${cbcfgsdir}/${board}"
if [ "${CONFIG_HAVE_IFD_BIN}" = "y" ]; then if [ ! -d "${boarddir}" ]; then
printf 'board needs intel firmware descriptor\n' fail "Target not defined"
needs="${needs} IFD" elif [ ! -f "${boarddir}/board.cfg" ]; then
fi fail "Target missing board.cfg"
fi
detect_firmware || exit 0
scan_sources_config
if [ "${CONFIG_HAVE_ME_BIN}" = "y" ]; then build_dependencies
printf 'board needs intel management engine\n' download_blobs
needs="${needs} ME" }
fi
if [ "${CONFIG_HAVE_GBE_BIN}" = "y" ]; then detect_firmware()
printf 'board needs gigabit ethernet firmware\n' {
needs="${needs} GBE" set -- "${boarddir}/config/"*
fi . ${1} 2>/dev/null
. "${boarddir}/board.cfg"
if [ "${CONFIG_KBC1126_FIRMWARE}" = "y" ]; then if [ "${CONFIG_HAVE_MRC}" = "y" ]; then
printf "HP board with KBC1126 EC detected, downloading ec\n" needs="${needs} MRC"
needs="${needs} EC" fi
fi if [ "${CONFIG_HAVE_IFD_BIN}" = "y" ]; then
needs="${needs} IFD"
if [ "${CONFIG_BOARD_DELL_E6400}" = "y" ] \ fi
if [ "${CONFIG_HAVE_ME_BIN}" = "y" ]; then
needs="${needs} ME"
fi
if [ "${CONFIG_HAVE_GBE_BIN}" = "y" ]; then
needs="${needs} GBE"
fi
if [ "${CONFIG_KBC1126_FIRMWARE}" = "y" ]; then
needs="${needs} EC"
fi
if [ "${CONFIG_BOARD_DELL_E6400}" = "y" ] \
&& [ "${CONFIG_VGA_BIOS_FILE}" != "" ]; then && [ "${CONFIG_VGA_BIOS_FILE}" != "" ]; then
printf "Dell E6400 with Nvidia GPU detected, downloading VGA ROM\n" needs="${needs} E6400VGA"
needs="${needs} E6400VGA" fi
fi if [ -z ${needs+x} ]; then
printf 'No binary blobs needed for this board\n'
return 1
fi
printf "Firmware needed for board %s: %s\n" ${board} ${needs}
return 0
}
# Quickly exit without wasting more time if there are no blobs needed (GM45) scan_sources_config()
if [ -z ${needs+x} ]; then {
printf 'No binary blobs needed for this board\n' # Shorthand (avoid duplicating configs per flash size)
exit 0 _b=${board%%_*mb}
fi
while read -r line ; do awkstr=" /\{.*${_b}.*}{/ {flag=1;next} /\}/{flag=0} flag { print }"
case ${line} in
while read -r line ; do
case ${line} in
EC_url*) EC_url*)
set ${line} set ${line}
ec_url=${2} ec_url=${2}
;; ;;
EC_url_bkup*) EC_url_bkup*)
set ${line} set ${line}
ec_url_bkup=${2} ec_url_bkup=${2}
;; ;;
EC_hash*) EC_hash*)
set ${line} set ${line}
ec_hash=${2} ec_hash=${2}
;; ;;
DL_hash*) DL_hash*)
set ${line} set ${line}
dl_hash=${2} dl_hash=${2}
;; ;;
DL_url*) DL_url*)
set ${line} set ${line}
dl_url=${2} dl_url=${2}
;; ;;
DL_url_bkup*) DL_url_bkup*)
set ${line} set ${line}
dl_url_bkup=${2} dl_url_bkup=${2}
;; ;;
E6400_VGA_DL_hash*) E6400_VGA_DL_hash*)
set ${line} set ${line}
e6400_vga_dl_hash=${2} e6400_vga_dl_hash=${2}
;; ;;
E6400_VGA_DL_url*) E6400_VGA_DL_url*)
set ${line} set ${line}
e6400_vga_dl_url=${2} e6400_vga_dl_url=${2}
;; ;;
E6400_VGA_DL_url_bkup*) E6400_VGA_DL_url_bkup*)
set ${line} set ${line}
e6400_vga_dl_url_bkup=${2} e6400_vga_dl_url_bkup=${2}
;; ;;
E6400_VGA_offset*) E6400_VGA_offset*)
set ${line} set ${line}
e6400_vga_offset=${2} e6400_vga_offset=${2}
;; ;;
E6400_VGA_romname*) E6400_VGA_romname*)
set ${line} set ${line}
e6400_vga_romname=${2} e6400_vga_romname=${2}
;; ;;
esac esac
done << EOF done << EOF
$(eval "awk ' /\{.*${board_short}.*}{/ {flag=1;next} /\}/{flag=0} flag { print }' resources/blobs/sources") $(eval "awk '${awkstr}' resources/blobs/sources")
EOF EOF
Main() {
Build_deps
Download_needed
} }
Fail(){ build_dependencies()
printf "\nERROR: $@\n" {
exit 1
}
Build_deps(){
if [ ! -d me_cleaner ]; then if [ ! -d me_cleaner ]; then
printf "downloading me_cleaner\n" printf "downloading me_cleaner\n"
./download me_cleaner || Fail 'could not download me_cleaner' ./download me_cleaner || fail "could not download me_cleaner"
fi fi
if [ ! -d coreboot/default ]; then if [ ! -d ${cbdir} ]; then
printf "downloading coreboot\n" printf "downloading coreboot\n"
./download coreboot default || Fail 'could not download coreboot' ./download coreboot default \
|| fail "could not download coreboot"
fi fi
if [ ! -d bios_extract ]; then if [ ! -d bios_extract ]; then
printf "downloading bios_extract\n" printf "downloading bios_extract\n"
./download bios_extract || Fail 'could not download bios_extract' ./download bios_extract \
|| fail "could not download bios_extract"
fi fi
if [ ! -f coreboot/default/util/kbc1126/kbc1126_ec_dump ]; then if [ ! -f ${cbdir}/util/kbc1126/kbc1126_ec_dump ]; then
printf "Building kbc1126_ec_dump from coreboot\n" printf "Building kbc1126_ec_dump from coreboot\n"
make -BC coreboot/default/util/kbc1126 || Fail \ make -BC ${cbdir}/util/kbc1126 \
"could not build kbc1126_ec_dump" || fail "could not build kbc1126_ec_dump"
fi fi
if [ ! -f "coreboot/default/util/ifdtool/ifdtool" ]; then if [ ! -f "${cbdir}/util/ifdtool/ifdtool" ]; then
printf "building ifdtool from coreboot\n" printf "building ifdtool from coreboot\n"
make -C coreboot/default/util/ifdtool || Fail 'could not build ifdtool' make -C ${cbdir}/util/ifdtool \
|| fail 'could not build ifdtool'
fi fi
} }
Download_needed(){ download_blobs()
{
for need in ${needs}; do for need in ${needs}; do
case ${need} in case ${need} in
*ME*) *ME*)
Download_me || _failed="${_failed} me" download_blob_intel_me || _failed="${_failed} me"
;; ;;
*MRC*) *EC*)
./download mrc || _failed="${_failed} mrc" download_ec || _failed="${_failed} ec"
;; ;;
*EC*) *E6400VGA*)
Download_ec || _failed="${_failed} ec" download_e6400vga || _failed="${_failed} e6400vga"
;; ;;
*E6400VGA*) *MRC*)
Download_e6400vga || _failed="${_failed} e6400vga" ./download mrc || _failed="${_failed} mrc"
;; ;;
esac esac
done done
if [ ! -z ${_failed+x} ]; then if [ ! -z ${_failed+x} ]; then
Fail "failed to obtain ${_failed}\nYou may try manually extracting blobs with './blobutil extract'" fail "failed to obtain ${_failed}\nTry manual extraction?"
fi fi
} }
Download_me() { download_blob_intel_me()
{
printf "Downloading neutered ME for board: %s\n" ${board} printf "Downloading neutered ME for board: %s\n" ${board}
Fetch_update me || return 1 fetch_update me || return 1
Extract_me || return 1 extract_blob_intel_me || return 1
return 0 return 0
} }
Extract_me(){ extract_blob_intel_me()
{
printf "Extracting neutered ME for ${board}\n" printf "Extracting neutered ME for ${board}\n"
_me_destination=${CONFIG_ME_BIN_PATH#../../} _me_destination=${CONFIG_ME_BIN_PATH#../../}
@ -207,20 +234,23 @@ Extract_me(){
return 0 return 0
fi fi
printf 'extracting and stripping intel management engine\n' printf "Extracting and stripping Intel ME firmware\n"
innoextract ${dl_path} -d ${blobdir} \
|| 7z x ${dl_path} -o${appdir} \
|| Fail 'could not extract me executable with innoextract'
Bruteforce_extract_me "$(pwd)/${_me_destination}" "$(pwd)/${appdir}" \ innoextract ${dl_path} -d ${blobdir} \
|| return 1 || 7z x ${dl_path} -o${appdir} \
|| fail 'Could not extract vendor update'
bruteforce_extract_blob_intel_me "$(pwd)/${_me_destination}" \
"$(pwd)/${appdir}" \
|| fail "Could not extract Intel ME firmware"
printf "Truncated and cleaned me output to ${_me_destination}\n" printf "Truncated and cleaned me output to ${_me_destination}\n"
return 0 return 0
} }
# cursed, carcinogenic code. TODO rewrite it better # cursed, carcinogenic code. TODO rewrite it better
Bruteforce_extract_me() { bruteforce_extract_blob_intel_me()
{
_me_destination="${1}" _me_destination="${1}"
cdir="${2}" # must be an absolute path, not relative cdir="${2}" # must be an absolute path, not relative
@ -242,19 +272,22 @@ Bruteforce_extract_me() {
# symlinks are a security risk, in this context # symlinks are a security risk, in this context
continue continue
elif [ -f "${i}" ]; then elif [ -f "${i}" ]; then
"${mecleaner}" -r -t -O "${sdir}/vendorfile" -M "${_me_destination}" "${i}" \ "${mecleaner}" -r -t -O "${sdir}/vendorfile" \
-M "${_me_destination}" "${i}" \
&& break # (we found me.bin) && break # (we found me.bin)
"${mecleaner}" -r -t -O "${_me_destination}" "${i}" \ "${mecleaner}" -r -t -O "${_me_destination}" "${i}" \
&& break # (we found me.bin) && break # (we found me.bin)
"${me7updateparser}" -O ${_me_destination} "${i}" \ "${me7updateparser}" -O ${_me_destination} "${i}" \
&& break && break # (we found me.bin)
_7ztest="${_7ztest}a" _7ztest="${_7ztest}a"
7z x "${i}" -o${_7ztest} || continue 7z x "${i}" -o${_7ztest} || continue
Bruteforce_extract_me "${_me_destination}" "${cdir}/${_7ztest}" bruteforce_extract_blob_intel_me "${_me_destination}" \
"${cdir}/${_7ztest}"
cdir="${1}" cdir="${1}"
cd "${cdir}" cd "${cdir}"
elif [ -d "$i" ]; then elif [ -d "$i" ]; then
Bruteforce_extract_me "${_me_destination}" "${cdir}/${i}" bruteforce_extract_blob_intel_me "${_me_destination}" \
"${cdir}/${i}"
cdir="${1}" cdir="${1}"
cd "${cdir}" cd "${cdir}"
else else
@ -266,23 +299,25 @@ Bruteforce_extract_me() {
rm -Rf "${sdir}" rm -Rf "${sdir}"
if [ ! -f "${_me_destination}" ]; then if [ ! -f "${_me_destination}" ]; then
printf "me.bin not found in vendor update for board: %s\n" ${board} printf "me.bin not found in vendor update for: %s\n" ${board}
return 1 return 1
else else
return 0 return 0
fi fi
} }
Download_ec() { download_ec()
{
printf "Downloading KBC1126 EC firmware for HP laptop\n" printf "Downloading KBC1126 EC firmware for HP laptop\n"
Fetch_update ec || return 1 fetch_update ec || return 1
Extract_ec || return 1 extract_ec || return 1
return 0 return 0
} }
Extract_ec() { extract_ec()
{
printf "Extracting KBC1126 EC firmware for board: %s\n" ${board} printf "Extracting KBC1126 EC firmware for board: %s\n" ${board}
_ec_destination=${CONFIG_KBC1126_FW1#../../} _ec_destination=${CONFIG_KBC1126_FW1#../../}
@ -315,28 +350,31 @@ Extract_ec() {
) )
for i in 1 2; do for i in 1 2; do
if [ ! -f "${appdir}/${dl_path##*/}/ec.bin.fw${i}" ]; then if [ -f "${appdir}/${dl_path##*/}/ec.bin.fw${i}" ]; then
printf "Not found: %s/%s/ec.bin.fw%s\n" \ continue
${appdir} ${dl_path##*/} ${i}
printf "Could not extract EC firmware for board: %s\n" \
${board}
return 1
fi fi
printf "Not found: %s/%s/ec.bin.fw%s\n" \
${appdir} ${dl_path##*/} ${i}
printf "Could not extract EC firmware for: %s\n" \
${board}
return 1
done done
cp "${appdir}/${dl_path##*/}"/ec.bin.fw* "${_ec_destination%/*}/" cp "${appdir}/${dl_path##*/}"/ec.bin.fw* "${_ec_destination%/*}/"
} }
Download_e6400vga() { download_e6400vga()
{
printf "Downloading Nvidia VGA ROM for Dell Latitude E6400\n" printf "Downloading Nvidia VGA ROM for Dell Latitude E6400\n"
Fetch_update e6400vga || return 1 fetch_update e6400vga || return 1
Extract_e6400vga || return 1 extract_e6400vga || return 1
return 0 return 0
} }
Extract_e6400vga() { extract_e6400vga()
{
printf "Extracting Nvidia VGA ROM for ${board}\n" printf "Extracting Nvidia VGA ROM for ${board}\n"
_vga_destination=${CONFIG_VGA_BIOS_FILE#../../} _vga_destination=${CONFIG_VGA_BIOS_FILE#../../}
@ -369,11 +407,11 @@ Extract_e6400vga() {
tail -c +${e6400_vga_offset} "${dl_path##*/}" \ tail -c +${e6400_vga_offset} "${dl_path##*/}" \
| gunzip > bios.bin | gunzip > bios.bin
if [ ! -f "bios.bin" ]; then if [ ! -f "bios.bin" ]; then
Fail 'Could not extract bios.bin from Dell E6400 update' fail 'Could not extract bios.bin from Dell E6400 update'
fi fi
"${e6400_unpack}" bios.bin || printf "TODO: fix dell extract util\n" "${e6400_unpack}" bios.bin || printf "TODO: fix dell extract util\n"
if [ ! -f "${e6400_vga_romname}" ]; then if [ ! -f "${e6400_vga_romname}" ]; then
Fail 'Could not extract VGA ROM from Dell E6400 BIOS update' fail 'Could not extract VGA ROM from Dell E6400 BIOS update'
fi fi
) )
@ -383,7 +421,8 @@ Extract_e6400vga() {
return 0 return 0
} }
Fetch_update() { fetch_update()
{
printf "Fetching vendor update for board: %s\n" ${board} printf "Fetching vendor update for board: %s\n" ${board}
fw_type="${1}" fw_type="${1}"
@ -412,28 +451,34 @@ Fetch_update() {
return 1 return 1
fi fi
Vendor_checksum ${dlsum} || \ vendor_checksum ${dlsum} || \
wget ${dl} -O ${dl_path} || wget ${dl_bkup} -O ${dl_path} wget ${dl} -O ${dl_path} || wget ${dl_bkup} -O ${dl_path}
Vendor_checksum ${dlsum} || Fail \ vendor_checksum ${dlsum} || fail \
"Cannot guarantee intergity of vendor update for board: ${board}" "Cannot guarantee intergity of vendor update for: ${board}"
return 0 return 0
} }
Vendor_checksum() { vendor_checksum()
{
sha1=$1 sha1=$1
if [ ! -f "${dl_path}" ]; then if [ ! -f "${dl_path}" ]; then
printf "Vendor update not found on disk for board: %s\n" ${board} printf "Vendor update not found on disk for: %s\n" ${board}
return 1 return 1
fi fi
if [ "$(sha1sum ${dl_path} | awk '{print $1}')" != "${sha1}" ]; then if [ "$(sha1sum ${dl_path} | awk '{print $1}')" != "${sha1}" ]; then
printf "Bad checksum on vendor update for board: %s\n" ${board} printf "Bad checksum on vendor update for: %s\n" ${board}
# rm ${dl_path}
return 1 return 1
fi fi
return 0 return 0
} }
Main fail()
{
printf "\nERROR: $@\n"
exit 1
}
main $@