Commit Graph

18 Commits (audit6-merge1)

Author SHA1 Message Date
Leah Rowe 167e1a0fbe unified checks for variable initialisation
new function chkvars() does the job

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-14 13:37:03 +01:00
Leah Rowe 5c14e8e1bc general code cleanup in the build system
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-26 07:22:44 +01:00
Leah Rowe 03fae0cf88 mrc.sh: remove redundant function extract_ref()
extract_ref() is no longer used

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-11 22:48:51 +01:00
Leah Rowe cc33974150 remove haswell mrc blob (libre raminit stable now)
broadwell mrc is retained, because it's needed on 820 g2

it's no longer needed on haswell, because nri is stable. nri
is short for "native ram initialisation", and libreboot provides
this for: thinkpad t440p, thinkpad w541, dell optiplex 9020 mt,
and dell optiplex 9020 sff

remove, in line with libreboot's binary blob reduction policy

previous revisions, prior to the recent release, stated that
it would be retained for compatibility, but it's really not
right to retain it, because doing so violates libreboot's policy

the recent release excluded mrc-based rom images for haswell
machines, providing only those rom images that use the libre
raminit, while retaining support for mrc in the build system, so
that users could still run the lbmk inject script on older release
roms that use mrc

again: libreboot's binary blob reduction policy is very clear:

https://libreboot.org/news/policy.html

it is a policy that can be summarised, thus:

if a blob can be avoided, it must be avoided.

therefore, we will avoid the Haswell MRC raminit blob

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-11 19:12:11 +01:00
Leah Rowe 6ebab10caa safer, simpler error handling in lbmk
in shell scripts, a function named the same as a program included in
the $PATH will override that program. for example, you could make a
function called ls() and this would override the standand "ls".

in lbmk, a part of it was first trying to run the "fail" command,
deferring to "err", because some scripts call fail() which does
some minor cleanup before calling err.

in most cases, fail() is not defined, and it's possible that the user
could have a program called "fail" in their $PATH, the behaviour of
which we could not determine, and it could have disastrous effects.

lbmk error handling has been re-engineered in such a way that the
err function is defined in a variable, which defaults to err_ which
calls err_, so defined under include/err.sh.

in functions that require cleanup prior to error handling, a fail()
function is still defined, and err is overridden, thus:

err="fail"

this change has made xx_() obsolete, so now only x_ is used. the x_
function is a wrapper that can be used to run a command and exit with
non-zero status (from lbmk) if the command fails. the xx_ command
did the same thing, but called fail() which would have called err();
now everything is $err

example:

	rm -f "$filename" || err "could not delete file"

this would now be:

	rm -f "$filename" || $err "could not delete file"

overriding of err= must be done *after* including err.sh. for
example:

err="fail"
. "include/err.sh"

^ this is wrong. instead, one must do:

. "include/err.sh"
err="fail"

this is because err is set as a global variable under err.sh

the new error handling is much cleaner, and safer. it also reduces
the chance of mistakes such as: calling err when you meant to
call fail. this is because the standard way is now to call $err,
so you set err="fail" at the top of the script and all is well.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-03-27 01:50:31 +00:00
Leah Rowe 401c0882aa NEW MAINBOARD: HP EliteBook 820 G2
This is of Broadwell platform, one generation above Haswell.

Of note: this uses HP Sure Start. Although the flash is 16MB,
our CBFS section (and IFD configuration) assumes 12MB flash,
so the final 4MB will be left unflashed on installation,
after blanking the private flash. The coreboot documents have
more information about this.

Some minor design changes in lbmk were made, to accomodate
this port:

Support for extracting refcode binaries added (pulled from
Google recovery images). The refcode file is an ELF that
initialises the MRC and the PCH. It is also responsible for
enabling or disabling the Intel GbE device, where Google
does not enable it, but lbmk modifies it per the instructions
on the coreboot documentation, so as to enable Intel GbE.

Google's recovery image stores the refcode as a stage file,
but coreboot changed the format (for CBFS files) after 4.13
so coreboot 4.13's cbfstool is used to extract refcode. This
realisation made me also change the script logic to use a
cbfstool and ifdtool version matching the coreboot tree, for
all parts of lbmk, whereas lbmk previously used only the
default tree for cbfstool/ifdtool, on insertion and deletion
of vendor files - it was 81dc20e744 that broke extraction of
refcode on google's recovery images, where google used an older
version of cbfstool to insert the files in their coreboot ROMs.
A further backported patch has been added, copying coreboot
revision f22f408956 which is a build fix from Nico Huber.

Iru Cai submitted an ACPI bugfix after the revision lbmk
currently uses, for coreboot/default, and this fix is
needed for rebooting to work on Linux 6.1 or higher. This
patch has been backported to lbmk, while it still uses the
same October 2023 revision of coreboot.

Broadwell MRC is inserted at the same offset as Haswell,
so I didn't need to tweak that.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-01-10 00:50:29 +00:00
Leah Rowe 0aca6332ee lbmk scripts: shorter code lines
while seemingly pedantic, this does actually make code
easier to read. mostly just switching to shorthand for
variable names, where no expansions or patterns are used

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-24 09:04:36 +00:00
Leah Rowe fa25414bab mrc.sh: run debugfs from extract_partition
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-22 08:36:23 +00:00
Leah Rowe 8a87572227 mrc.sh: general code cleanup
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-22 06:34:14 +00:00
Leah Rowe 493ebdfb74 mrc.sh: remove redundant extraction logic
the extract_archive function already provides use
of unzip, and works just fine (for mrc.bin extraction)

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-21 16:16:11 +00:00
Leah Rowe 1153bc3b6c mrc.sh: don't run the shellball. use unzip.
the shellball (for extracting the coreboot rom, to get
at mrc.bin) contains lines that are not posix-friendly.

specifically, the "local" command is used, and this is
not defined for posix sh.

the shellball is essentially just a bunch of shell
functions that compress/decompress the zip file,
containing the firmware update. you can modify the
files and re-run the shellball to recompress, though
lbmk just uses the decompress function.

as pointed out by Nicholas Chin, it is possible to just
run "unzip" directly on the update, to get at bios.bin.

we don't really need all the extra checks performed by
the shellball, so let's just bypass it altogether.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-21 15:52:03 +00:00
Leah Rowe 2e779a5495 handle errors on exits from subshells
most of these are probably redundant, and will never
be called, but lbmk needs to be as safe as possible
under fault conditions. fail early, fail hard.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-11 05:21:27 +00:00
Leah Rowe e86af9a60a 20231021hotfix: replace x_ with err in some places
keymaps weren't being set in keymay.cfg of cbfs, due
to use of x_ in the rom script, and x_ doesn't handle
quotes or spaces in arguments well.

i'm going to remove use of x_ and xx_ (it's in my todo),
for next release.

for now, hot patch the release. i've gone through and
replaced use of x_ with || err, in some places.

not just the keymap.cfg command, but others too. in case
there are more issues we missed.

this commit is being tagged "20231021fix" and i'm using
this tag to re-build the 20231021 release. i'll just
replace the tarballs in rsync and add errata to the news
page announcing the release. all i did was break peoples
umlauts, i didn't brick their machines fortunately!

very minor bug. anyway, x_/xx_ is a great idea, but sh
isn't really designed for that style of programming. i'll
go back to using just || err in the next release.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-10-22 12:34:45 +01:00
Leah Rowe 0b98c9b00c minor code cleanup in shell scripts
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-10-19 23:36:56 +01:00
Leah Rowe c14461a56b delete include/vendor.sh and merge elsewhere
move it all to other files where items are used, and not
used anywhere else. this reduces the size of vendor.sh.

also remove a few redundant variables, or variables that
are not meaningfully used.

a few items have been moved to include/option.sh

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-10-15 13:00:14 +01:00
Leah Rowe 8c03b886c4 Greatly simplify error handling in shell scripts
Instead of having detailed error messages, run most
commands through a function that calls err() under
fault conditions.

Where detail is still required, err() is still called
manually. Where it isn't, the error message is simply
whatever command was executed to cause the error.

This results in a massive sloccount reduction for lbmk;
specifically, 178 sloc reduction, or a 8.1% reduction.
The total sloccount is now 2022, for shell scripts.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-10-01 22:47:02 +01:00
Leah Rowe 2b7ae8e204 blob scripts: unified handling of blob destination
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-29 20:29:13 +01:00
Leah Rowe 710171f92b update/blobs/*: simplify mrc.bin handling
mrc.bin is now handled by include/mrc.sh, adapted
from now-deleted script/update/blobs/mrc

much of the logic has been re-written or adapted for
inside script/update/blobs/download

mrc links/hashes now defined in config/blobs/sources

the new code is simpler (and smaller). in addition,
lbmk can now easily handle mrc.bin files for other
platforms such as broadwell. watch this space.

the full .zip download is now cached, like with other
vendor downloads. this means it won't be re-downloaded
if it was already downloaded before.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-29 16:40:49 +01:00