Commit Graph

811 Commits (12b33eb8c18b37546599feec908b9acd829f0029)

Author SHA1 Message Date
Leah Rowe 0faf2a0c6f main lbmk script: exit non-zero if argc is wrong
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-20 21:39:39 +01:00
Leah Rowe 6e92d9a359 fix "./build help"
thanks Riku Viitanen for pointing out the bug

i b0rked it myself in an earlier revision, while
auditing.

it's funny because i made this exact same mistake
during the last audit, and in the exact same way

it's fixed once again

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-20 21:34:08 +01:00
Leah Rowe 9031bb7ba7 unify dependencies scripts
the unified logic is so small that i simply added it
to the main "build" script

commands are identical. example:

./build dependencies debian

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-20 21:25:51 +01:00
Leah Rowe 023d6b6996 unify build/clean into ./build release src
handle it all in the 1 script

quite a few clean scripts are still present,
so resources/scripts/build/clean/ still exists.

23 sloc reduction.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-20 18:58:32 +01:00
Leah Rowe f893a29b22 unify most module build scripts
Some of them weren't even used at all, such as the flashrom
build script. the bios_extract build script existed but was
never used, because we only called (from blobutil) a python
script from in there, without actually compiling anything!

resources/script/build/src/for

Usage, e.g.:

./build src for memtest86plus

It also handles fetch. This script is intended largely for
those codebases that are quite simple, requiring trivial
or no intervention besides running "make".

37 sloc reduction. Not a lot, but the audit continues! These
optimisations add up. I started at 3300 sloc in
resources/scripts and me target is 2k (2000) sloc.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-20 17:47:02 +01:00
Leah Rowe c83d1a8dc4 unify grub scripts under one directory
new commands are thus,

build grub payloads:
./build grub payload
(formerly ./build payload grub)

build grub utils:
./build grub utils
(formerly ./build module grub)

The scripts is build/module/ will mostly be
deleted. I say mostly, because some of them
are being moved instead.

The deleted ones will be ones that basically
just run "make" in the target directory. They
will be unified, in a follow-up patch.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-20 16:40:11 +01:00
Leah Rowe 438bf2c9b1 grub/modules.list: add argon2
the argon2 patches are now included in grub,
but we need to add it in grub-mkstandalone

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-20 12:34:55 +01:00
Leah Rowe fd6025321c grub: import phc argon2 implementation (for luks2)
Patches pulled from:
https://git.nicholasjohnson.ch/grub
This is the author of the rebased patches:
https://nicholasjohnson.ch/
(Nicholas Johnson <nick@nicholasjohnson.ch>)

However, this is a *rebase* performed by Nicholas,
based on these patches:

https://aur.archlinux.org/cgit/aur.git/tree/?h=grub-improved-luks2-git
...at revision: 1c7932d90f1f62d0fd5485c5eb8ad79fa4c2f50d

The AUR patches were based on GRUB 2.06, whereas Nicholas's
rebase is upon grub 2.12, which Libreboot currently uses.

These patches import the PHC implementation of argon2i/id
key derivation functions, seen here:
https://github.com/P-H-C/phc-winner-argon2

GRUB (upstream) does not merge these patches and probably won't,
because even though they're libre, they're not copylefted or
otherwise under GPL terms that GRUB can accept.

Therefore, we in Libreboot must maintain these from now on,
for our version of GRUB. The upshot? LUKSv2 decryption should
now work, perfectly, in GRUB!

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-20 12:24:49 +01:00
Leah Rowe 2c0c521e2f bump grub revision a bit
17 commits above 2.12-rc1, with some fixes.

i'm about to merge luks2 argon2 patches in a
follow-up commit, and they're based upon this
revision of grub

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-20 12:16:37 +01:00
Leah Rowe e076d8934b unify update/modify coreboot/u-boot/seabios script
./update seabios configs? gone
.modify coreboot configs? gone

it's now all 1 script, called e.g.

./modify defconfig options -u coreboot <-- runs make oldconfig
./modify defconfig options -m seabios <-- runs make menuconfig
./modify defconfig options -u u-boot gru_bob <-- oldconfig, and only gru_bob
./modify defconfig options -u coreboot x60 x200_8mb

etc. you get the idea. same behaviour as before with all
the separate scripts, but now its one unified script.

184 sloc reduction in resources/scripts/

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-20 11:03:56 +01:00
Leah Rowe e25984d781 remove board: qemu_x86_12mb (not usable for now)
x86 u-boot is a bit flaky and this board never builds.

re-add it ot a later date.

u-boot is only really used in arm machines,
for our purposes at least.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-19 23:24:18 +01:00
Leah Rowe e5b898f6cb consolidate u-boot/seabios/coreboot build scripts
See file:
resources/scripts/build/defconfig/for
It is based on:
resources/scripts/build/payload/u-boot

The u-boot payload script has been deleted, as has the
seabios payload script; the build/boot/roms logic has
been heavily simplified too, by removing the logic for
building of elf files based on defconfig.

SeaBIOS, U-Boot and coreboot all use defconfig-type
infrastructure for their build systems, and they are
fundamentally the *same* in how to compile each codebase,
at least in an lbmk context, regardless of actual (and
very huge) differences in these codebases.

Several hundred sources-lines of code have been eliminated
by this change, drastically simplifying everything; U-Boot
payload compiling also now errors out when a single build
fails, instead of continuing. Also: build/boot/roms no longer
re-compiles a coreboot target that was already compiled,
which is the same behaviour observed for payloads.

(this means you must now manually delete a target, when you
wish to re-build it; the build/boot/roms logic now more or
less just runs cbfstool; blobutil is handled from
build/defconfig/for)

ALSO: Since crossgcc is now handled by build/defconfig/for, not
build/boot/roms, standalone compiling of u-boot is now possible.
This has been tested. You compile it like so:
./build defconfig for u-boot
or specific trees, e.g.
./build defconfig for u-boot default

One other consequence of this patch is that re-building the same
ROM image is now much faster, because the same builds are re-used
unless deleted. This could be useful when testing grub.cfg changes,
for example, if that's all you change. With things like ccache used
(not yet used robustly in lbmk), this could speed things up more,
depending on the codebase.

This patch demonstrates the raw power of lbmk; it is a very
simple and highly efficient build system, and now much more so!

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-19 23:18:32 +01:00
Adrien 'neox' Bourmault 673b144a4c coreboot/fam15h: fix for gcc/gnat building
With newer hostcc, trying to build GCC 8.3.0 will raise an error from ld:

	undefined reference to `__gnat_begin_handler_v1'

This commit adds a patch for GCC found on coreboot [1] correcting this
error by backporting the GNAT exception handler v1 to GCC 8.3.0 allowing
GNAT to be built with newer hostcc like GCC 10+.

[1]https://review.coreboot.org/c/coreboot/+/42158

Signed-off-by: Adrien 'neox' Bourmault <neox@gnu.org>
Acked-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-08-17 21:09:49 +01:00
Leah Rowe 63b0e99f6c don't call blobutil directly from lbmk
it's bloat, and was only there for backwards compatibility
with the old commands, but the new commands are e.g.

./update blobs inject

instead of:

./blobutil inject

this results in a slight code size reduction in lbmk

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-17 11:56:17 +01:00
Leah Rowe 0848622799 remove download scripts, consolidate into script
most of them were just calling the gitclone script,
so remove them.

the grub script was treating gnulib as a dependency.
i've now added the ability to grab 1 dependency, in
the gitclone script (it should be expanded later to
support multiple dependencies)

the gitclone script has been renamed to "fetch".
the "fetch_trees" script does more or less the same
thing, but calls "fetch" and handles multiple revisions
if a project needs that

this is more efficient, and slightly reduces the code
size of lbmk!

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-17 11:50:06 +01:00
Leah Rowe 8459e33bbc improve user feedback in blobutil
make it output messages that tell the user important
information. it's only subtle but it makes a difference
to some people, who need confirmation.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-17 00:43:34 +01:00
Leah Rowe 59dba6cfcd merge coreboot/u-boot download logic to one script
they are fundamentally the same, in an lbmk context.

they are downloaded in the same way, and compiled in
the same way!

(Kconfig infrastructure, board-specific code, the way
submodules are used in git, etc)

~200 sloc reduction in resources/scripts

the audit begins

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-16 22:40:34 +01:00
Leah Rowe 2453c303e6 gitclone: always clean up /tmp
in certain conditions, the tmpdir was not being deleted

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-16 19:59:40 +01:00
Leah Rowe adeb065c5e fix permissions on arch dependencies script
it wasn't +x

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-16 17:29:09 +01:00
Leah Rowe 6075fed849 NEW BOARD: HP EliteBook 8470p (Intel GPU)
Intel GPU!

The AMD ones will be tested, but assume Intel-only for now.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-14 09:42:06 +01:00
Leah Rowe f9afeb6feb NEW BOARD: Dell Precision T1650
Very nice ivybridge board that supports ECC RAM.
NOTE: I couldn't get onboard graphics working yet, but
this was confirmed working with a graphics card (in my
case nvidia quadra k420) booted in text mode on the SeaBIOS
payload. The GRUB payload also works, when loaded from SeaBIOS.
Therefore, this is a SeaBIOS-only board (as far as first payload
is concerned), but you can pick GRUB from the menu.

You could make it "GRUB-only" in practise by setting SeaBIOS
boot order to only load GRUB, and disable the SeaBIOS menu.
We refer to this as "SeaGRUB".

I've made lbmk use biosutilities and uefiextract, to
get at the SMSC SCH5545 Environmental Control (EC) firmware.
This firmware is needed for fan control. This is automatically
downloaded and extracted, from Dell UEFI firmware updates.

As with other blobs such as Intel ME, this firmware is then
scrubbed by the release build scripts. The blobutil "inject"
script can be used to re-insert it.

Of note: there is no fixed offset, but no other blobs to
be inserted in CBFS either, so the offset when re-inserting
on release ROMs should still be the same, and thus the ROM
checksums should match, when running blobutil inject.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-14 09:37:07 +01:00
Leah Rowe f8f77cb288 NEW BOARD: HP EliteBook 2170p
Another ivybridge platform, added in coreboot recently.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-09 22:55:29 +01:00
Leah Rowe c5c8946779 Merge pull request 'Update 'README.md'' (#89) from ewpr5kwu/lbmk:master into master
Reviewed-on: https://codeberg.org/libreboot/lbmk/pulls/89
2023-08-06 10:51:10 +00:00
Leah Rowe cb8bf380e9 bump seabios revision to 30 May 2023
this revision:
1281e340ad1d90c0cc8e8d902bb34f1871eb48cf
from 30 May 2023

It contains a few nice fixs, including an integer
overflow fix, but not many changes have been made
to seabios since the last revision.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-06 01:02:56 +01:00
Leah Rowe 27ee975e86 bump grub revision to 2.12-rc1
This is specifically the following Git revision:
7a994c87f571ac99745645be0bdde9827297321a
from 10 July 2023

The keyboard fix for HP EliteBooks was merged upstream,
so lbmk no longer needs this patch; it comes with GRUB.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-06 01:02:53 +01:00
Leah Rowe 705149a3e0 coreboot/default: bump revision to 2 August 2023
coreboot revision:
d86260a134575b083f35103e1cd5c7c7ad883bce
from 2 August 2023

The patches were updated. HP 8300 USDT has now been merged upstream,
so that patch is no longer included in lbmk.

SD card fix for E6400 merged upstream, so now it's removed in lbmk.
The nvidia E6400 patch (devicetree.cb) has not yet merged upstream.

The ifdtool --nuke option has been rebased.
Patches as follow-ups to earlier patches removed; for example, patches
that set VRAM to 352MB on GM45 have been removed, and replaced with
patches that just set 256MB in the first place (this is more stable).

This was mostly a clean rebase, of all the patches. It went smooth.
I haven't updated cros/haswell yet; the 4.11_branch revision used
on fam15h will also remain, for now.

The coreboot configurations have been updated, for this new
revision of coreboot.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-06 01:02:49 +01:00
Leah Rowe 22ee7f745d blobs/download: save ME file to correct location
blobdir is incorrect, and it means that the directory
will appear under blobs/, in this case. this was an
oversight on my part.

this behaviour did not break anything in practise, but
this patch makes the behaviour more consistent with rules.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-05 21:24:28 +01:00
Leah Rowe cdd83ab1ce blobs/download: try backup if bad hash on main
At present, the logic only tries backup URLs when an
actual download fails (bad internet connection or the
server is down).

If the main download succeeds, but it has a bad checksum,
the backup download is not attempted.

Since wrongly hashed files are to be assumed useless, we
may aswell delete and try the next file. This will guard
against the possibility of a vendor changing their file,
without changing the file name (non-versioned files, for
example, may be subject to such changes).

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-05 21:13:34 +01:00
Leah Rowe f18b1859db blobs/download: support more formats on ME extract
ME extraction didn't support unar (RAR format), for regular
extraction, after downloading a vendor file.

For bruteforce ME extraction, after extracting a vendor
archive, unar(RAR) and inno(innoextract) was not supported.

This patch fixes both issues. It should be noted that as of
now, the unar method has only been tested with certain HP
vendor updates, and it's currently not used on any of those.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-05 20:53:49 +01:00
Leah Rowe f0efaf7913 add unar to dependencies scripts
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-08-04 05:23:49 +01:00
Leah Rowe e8ba0f8781 blobs/download: declare full user agent
I messed up the string, when I first did this.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-07-29 13:46:44 +01:00
Leah Rowe 4875eef116 blobs/download: properly handle backup/main url
Immediately after the last revision, which was a hacky
workaround to the problem, I realised the actual problem,
and the real solution:

In the switch block, check *backup* first. Then it breaks,
continuing on the iteration.

If it's variable for a main URL, it'll reliably go to the
next check in the block, whereas if it's backup, it'll
default to the first one in each case.

This bug has been annoying the sh*t out of me for ages,
and I've finally nailed it.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-07-29 08:27:20 +01:00
Leah Rowe cca93ca3f3 blobs/download: don't download backup on main
The script was actually downloading the backup, at
all times, for each given URL. The way we handle
this is quite buggy.

This patch is a workaround, a dirty hack in fact, but
it will do for now, because our backup URLs are always
wayback links where the original URL (matching the
correct main URL in the sources file) is always present,
in the URL.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-07-29 08:21:09 +01:00
Leah Rowe 3aeefaa75d blobs/download: set common user agent string
Make it look like a normal web browser, downloading files.

Some HTTP servers might block Wget unless this is done.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-07-29 08:09:57 +01:00
Leah Rowe 5e83d2bc8f blobs/download: simplify for loop
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-07-29 07:28:36 +01:00
Leah Rowe 8f1d3ad19f scripts: fix indentation in switch/case blocks
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-07-29 07:24:18 +01:00
Leah Rowe 748e097228 blobutil/ec: abort if kbc1126 ec extraction fails
This was an oversight on my part.

Should extraction fail, we must abort. This is in preparation
for addition of future mainboards, where further tweaking is
required in blobutil. This error check will warn us about it.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-07-27 08:13:28 +01:00
Leah Rowe e594ac1697 coreboot/fam15h: remove unused files
they were taken from c-libreboot, but they are
not needed here (deblob-check files)

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-07-22 14:00:56 +01:00
Leah Rowe 44bd077aff Revert "build/boot/roms mkUBootRoms: initialise variables"
This reverts commit 7c90a4077f.

causes another build bug. i'm helping someone with the bug now,
i think the workaround for now would be to just use bash, on
this script. until i can figure something better out.
2023-07-17 08:59:48 +01:00
Leah Rowe 7c90a4077f build/boot/roms mkUBootRoms: initialise variables
they were outside the scope, outside of the if statements.

in some shells, this is ok.

we use "sh" so the user could have any shell.

be a bit nicer to the more asininely technically
correct sh implementations out there

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-07-17 08:20:02 +01:00
Leah Rowe d918139f36 coreboot/fam15h: re-enable microcode updates
this was taken from old libreboot. the last libreboot
revisions that had these boards were under the old
policy.

i left microcode disabled at first, because the old
coreboot 4.11 behaviour was to always insert microcode
regardless, so old libreboot patched out microcode
from the coreboot build system

however, 4.11_branch appears to actually honour microcode
configuration, so i do actually need to make sure it's
enabled in configs

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-07-16 11:34:12 +01:00
Leah Rowe 8c7774289c board/qemu_x86: don't enable u-boot
it's a bit buggy when building. disable for now.

will re-visit later.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-07-16 07:17:06 +01:00
Leah Rowe fb44c349e1 coreboot/haswell: fix acpica downloads
the upstream link died. this patch makes it grab the
acpica tarball (for iasl) via libreboot rsync, where
i've added the corresponding tarball

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-07-16 03:49:49 +01:00
Leah Rowe af084014f0 coreboot: re-add asus kgpe-d16/kcma-d8/kfsn4-dre
Libreboot 20220710 was the last release to support these
boards. I plan to eventually port code differences between
D8/D16 to Dasharo, for KCMA-D8 support in Dasharo, to then
use in Libreboot for both KCMA-D8 and KGPE-D16, but I have
no plans to update the KFSN4-DRE code, at least for now.

Libreboot 20220710 used coreboot 4.11, whereas this patch
makes use of coreboot 4.11_branch; the crossgcc toolchains
no longer compile on modern distros, so I spent time patching
those (tested in Debian Sid, will also work on Arch Linux and
so on).

The acpica downloads now fail, in 4.11_branch, because Intel
made some changes upstream for these tarball downloads. Newer
coreboot works around this by grabbing tarballs from github,
itself a non-ideal solution, but I digress; this patch changes
coreboot crossgcc (in 4.11_branch) to download the acpica
tarball from libreboot rsync, where I've added it.

This patch also re-introduces the PIKE2008 fix, where empty
option ROMs for these are inserted into CBFS. This prevents
SeaBIOS from loading the real option ROMs, which would cause
SeaBIOS to hang. This means that SAS drives are not supported
in SeaBIOS, for these boards in Libreboot.

I previously said, in the Censored Libreboot c20230710
announcement, that I would *only* merge D8/D16 when I've
added Dasharo support to Libreboot, and use that, but the
work to make coreboot 4.11_branch compile is something I'm
quite proud of and I see no reason to exclude from lbmk
master branch.

Honestly, there's not much different than 4.11, code-wise.
I *probably* won't use 4.11_branch for the next Libreboot
release, on D8/D16. By then, I might have Dasharo integrated
in lbmk instead. We shall see.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-07-16 03:18:58 +01:00
Leah Rowe e6002b9155 coreboot/cros: fix acpica downloads
upstream died. i put the corresponding tarball on
libreboot rsync. this is used by the coreboot build
system, specifically in crossgcc (cross compilers)

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-07-16 03:01:39 +01:00
Leah Rowe f34e07ae27 build/boot/roms: fix coreboot-version in releases
This error was observed, in the coreboot build system:

In file included from src/lib/version.c:4:
build/build.h:10:32: error: 'libreboot' undeclared here (not in a function)
   10 | #define COREBOOT_MAJOR_VERSION libreboot-20230625
      |                                ^~~~~~~~~
src/lib/version.c:35:46: note: in expansion of macro 'COREBOOT_MAJOR_VERSION'
   35 | const unsigned int coreboot_major_revision = COREBOOT_MAJOR_VERSION;
      |                                              ^~~~~~~~~~~~~~~~~~~~~~

This happened on the 20230625 *release archive*, when a user tried to
build for W541 MRC on an Arch Linux container.

This change fixes the error. I never got the error on my end when
build testing the release archives, but this will prevent the error.
Fix it by only inserting libreboot version string YYYYMMDD representing
the Libreboot version. (libreboot uses ISO dates as version numbers)

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-07-08 00:27:53 +01:00
ewpr5kwu 5204f0a914 Update 'README.md' 2023-07-01 23:48:34 +00:00
Leah Rowe 68d4710785 update .gitignore
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-25 14:17:29 +01:00
Leah Rowe 4efa545a46 build/release/src: clean spkmodem/e6400 utils
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-25 13:33:20 +01:00
Leah Rowe 2e85a63a0a build/roms_helper: reset d521fca7, backport fixes
I keep getting random linker issues when running:

./build boot roms all

I think the issue lies somewhere in here, from when
I did that massive audit. So I'm undoing the audit
which mostly re-factored the code style here.

These changes are being backported:
f338697b build/boot/roms: Support removing microcode
941fbcb run coreboot utils from own directory
f256ce98 build/boot/roms: say board name on stderr

I removed this change:
6d6bd5ee (the script now uses dedicated utils directory)

additionally:

cbutils is built much earlier on in the script, first
thing after initialising variables

the other changes not backported are all code style
changes, and I believe these are responsible.

if no other fixes occur to this fire before the next
libreboot release, then my hunch was right.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-25 12:21:48 +01:00