Commit Graph

230 Commits (28682b1a4bde9d0dc3fcea51efa3e70aa62b7f30)

Author SHA1 Message Date
Leah Rowe 49ae4f91f9 badcmd: link directly to the maintenance manual
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-03 08:25:04 +01:00
Leah Rowe 00653aab1e better help text on invalid commands
adding help again is a bad idea. code should never
document itself; that's what documentation is for.

so, make the code do a better job telling the user
where to find documentation.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-03 00:17:36 +01:00
Leah Rowe afac9a06d2 build: print the project website address on help
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-02 23:34:10 +01:00
Leah Rowe 429e91f908 make GRUB multi-tree and re-add xhci patches
Re-add xHCI only on haswell and broadwell machines, where
they are needed. Otherwise, keep the same GRUB code.

The xHCI patches were removed because they caused issues
on Sandybridge-based Dell Latitude laptops. See:
https://codeberg.org/libreboot/lbmk/issues/216

The issue was not reported elsewhere, including on the
Haswell/Broadwell hardware where they are needed, but the
build system could only build one version of GRUB.

The older machines do not need xHCI patches, because they
either do not have xHCI patches, or work (in GRUB) because
they're in EHCI mode when running the payload.

So, the problem is that we need the xHCI patches for GRUB
on Haswell/Broadwell hardware, but the patches break
Sandybridge hardware, and we only had the one build of GRUB.
To mitigate this problem, the build system now supports
building multiple revisions of GRUB, with different patches,
and each given coreboot target can say which GRUB tree to use
by setting this in target.cfg:

grubtree="xhci"

In the above example, the "xhci" tree would be used. Some
generic GRUB config has been moved to config/data/grub/
and config/grub/ now looks like config/coreboot/ - also,
the grub.cfg file (named "payload" in each tree) is copied
to the GRUB source tree as ".config", then added to GRUB's
memdisk in the same way, as grub.cfg.

Several other design changes had to be made because of this:

* grub.cfg in memdisk no longer automatically jumps to one
  in CBFS, but now shows a menuentry for it if available

* Certain commands in script/trees are disabled for GRUB,
  such as *config make commands.

* gnulib is now defined in config/submodule/grub/, instead
  of config/git/grub - and this mitigates an existing bug
  where downloading gnulib first would make grub no longer
  possible to download in lbmk.

The coreboot option CONFIG_FINALIZE_USB_ROUTE_XHCI has been
re-enabled on: Dell OptiPlex 9020 MT, Dell OptiPlex 9020 SFF,
Lenovo ThinkPad T440p and Lenovo ThinkPad W541 - now USB should
work again in GRUB.

The GRUB payload has been re-enabled on HP EliteBook 820 G2.

This change will enable per-board GRUB optimisation in the
future. For example, we hardcode what partitions and LVMs
GRUB scans because * is slow on ICH7-based machines, due
to GRUB's design. On other machines, * is reasonably fast,
for automatically enumerating the list of devices for boot.

Use of * (and other wildcards) could enable our GRUB payload
to automatically boot more distros, with minimal fuss. This
can be done at a later date, in subsequent revisions.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-06-02 19:58:50 +01:00
Leah Rowe a76dda9330 vendor.sh: remove unnecessary assignment
dl_fail is set to n and then immediately to y afterward

why?

clearly i was dehydrated

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-31 17:27:13 +01:00
Leah Rowe 17a9d11da1 git.sh: do not remove .submodules
the reason for it is because sometimes the coreboot build
system auto-downloads submodules which we don't want.

however, we now pass UPDATED_SUBMODULES=1 in make, which
disables this behaviour in coreboot's build system.

therefore, remove this unnecessary logic.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-30 07:50:58 +01:00
Leah Rowe f6cbc501c1 import nuke() from cbmk cdce8ba70b
cbmk revision:
cdce8ba70b863ea3fe0ad7a4d7b27d0c5ca30421
as of date 30 May 2024

Canoeboot provides deblobbing, fully, on all sources, so
as to provide a GNU FSDG compliant coreboot distro.

Libreboot used to do this but now uses a more pragmatic
Binary Blob Reduction Policy, allowing better hardware
support in general. See:

https://libreboot.org/news/policy.html

Well! We sometimes still need to delete files in Libreboot,
but for other reasons. For example, the poorly licensed
strlcat.c file that we delete from U-Boot, in both projects.

I currently hardcode such deletions in lbmk. After this
revision, I will start using "nuke.list" files as in cbmk.

Simply patching the sources to exclude such files, in this
context, is not OK because then we are still including them
but as diffs. This is why the nuke() function exists.

Import Canoeboot's nuke technology.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-30 07:29:50 +01:00
Leah Rowe 47f582d463 ./vendor download: skip if blob path is /dev/null
We use a path of /dev/null pointing to a ROM for
Fam15h AMD boards, to add fake PIKE2008 images.

This is to mitigate a hang in SeaBIOS, but now with
recent changes, this causes the command below to
download coreboot, when it should just exit saying
no vendor files needed. Prevent accidentally wasted
bandwidth. The command was:

./vendor download kcma_d8_rdimm_16mb

This now correctly does the following:
$ ./vendor download kcma_d8_rdimm_16mb
Vendor files not needed for: kcma_d8_rdimm_16mb

The joys of programming a build system in sh!

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-29 03:25:33 +01:00
Leah Rowe e9b9e825f1 ./vendor download: more fine-tuned error control
By default, the build system does set -u -e

Some errors are unavoidable and have to be handled, so
we have to set +u +e (turn off error handling in sh),
when downloading vendor files, but only certain parts of
vendor.sh trigger errors (which cause an exit).

Replace the current bazooka approach with a more fine
grained approach, turning error handling back on again
when it is safe to do so.

In the parts of the code where it is disabled, the code
is written very, very carefully, with errors still handled
manually, but more careful auditing is required.

This change has been tested and makes the command much
safer to run. In security (or any bug auditing), it is
the principle of least privilege that holds true.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-29 02:07:38 +01:00
Leah Rowe 0dd0dfaf3d vendor.sh: don't error on main targets
e.g. coreboot/default contains no config directory, so
the old logic would be trying to do:

.

which is obviously invalid

now for example:

$ ./vendor download default
Vendor files not needed for: default

and it will exit with zero status

the only thing that should ever return non-zero status
is when you define a target that does not exist, config
or no.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-29 00:48:18 +01:00
Leah Rowe 914852dd40 rename include/option.sh to include/lib.sh
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-26 12:10:27 +01:00
Leah Rowe 5c14e8e1bc general code cleanup in the build system
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-26 07:22:44 +01:00
Leah Rowe 8da2559b35 option.sh: fix bad check for version/versiondate
i was checking whether it's a directory, whereas i should
have been checking whether it's a file. this is a workaround
put in place in case someone downloaded a tarball from codeberg
which is pre-generated per commit. in this situation, the
version and versiondate files do not exist, but the design
of the build system requires that they do exist.

the existing check is correct except for this bug, so fix
the bug. check that they are files, not directories

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-25 14:37:40 +01:00
Leah Rowe 9c5890e9f2 git.sh: break if a submodule clone succeeds
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-24 21:43:10 +01:00
Leah Rowe 1cb255e8be git.sh: allow finer control of git submodules
in each submodule configuration directory, a module.cfg
file can now be provided. in it, the user can specify
two repository links (main and backup) and a revision, like
so:

subrepo="repo link goes here"
subrepo_bkup="backup repo link goes here"
subrev="git revision id goes here"

additionally:

in the *main* project directory for the submodules,
a module.list file can be provided. example entries:

3rdparty/vboot
3rdparty/libgfxinit

if the module.list file is provided, only those submodules
will be downloaded. this can be combined with the module.cfg
files, if you wish, but it's optional. you can mix and match.

example locations:

multi-tree project:
config/submodule/coreboot/default/module.list
config/submodule/coreboot/default/vboot/module.cfg
single-tree project:
config/submodule/flashprog/module.list
config/submodule/flashprog/foo/module.cfg

*no* configuration files have been provided, in this commit,
which means that the current behaviour is maintained.

follow-up commits will absolutely configure the submodules.
this is being done to reduce the number of modules downloaded,
because we don't use most of the coreboot submodules that are
downloaded, thus wasting bandwidth and the releases are also
much bigger than necessary.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-24 18:58:48 +01:00
Leah Rowe b8ec7d5640 option.sh: generate version file if .git not found
a user was getting error "version unset" when using the
tarball generated from codeberg. it's recommended to use
the git repository properly, or a release archive.

mitigate this so that the build succeeds anyway.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-24 14:53:45 +01:00
Leah Rowe da42727209 git.sh: move repo copying to a new function
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-22 23:11:12 +01:00
Leah Rowe 093c4a367d git.sh: move link_crossgcc to end of file
link_crossgcc is called after git_am_patches, so
put it after ward

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-22 23:08:13 +01:00
Leah Rowe 73a2d99102 git.sh: move xgcc linking to a new function
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-22 18:50:42 +01:00
Leah Rowe d774987697 git.sh: skip submodules if .gitmodules missing
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-22 18:03:48 +01:00
Leah Rowe c3e1aa343a git.sh: merge patch_submodules in prep_submodules
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-22 18:01:39 +01:00
Leah Rowe a41633306a git.sh: split submodule handling to new function
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-22 17:59:42 +01:00
Leah Rowe aa4faf0815 git.sh: remove errant line break
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-22 16:03:28 +01:00
Leah Rowe 0014269604 git.sh: remove another meaningless check
again, the directory in question is simply used
in a for loop using asterisk (git_am_patches) and
the for loop simply won't iterate if either the
directory doesn't exist or it contains no items.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-22 15:57:47 +01:00
Leah Rowe fc3b0ba8bf git.sh: shorter variable names
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-22 15:56:35 +01:00
Leah Rowe dae10dd482 git.sh: remove meaningless check
in the function that immediately follows, it
starts two for loops that check every item in
that directory, using the asterisk wildcard.

if the directory does not exist, then the for
loop will simply break on first pass.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-22 15:53:37 +01:00
Leah Rowe c148fa53df git.sh: remove variable not meaningfully used
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-22 15:53:15 +01:00
Leah Rowe 835e5ad0e8 git.sh: fix invalid command in git_prep()
"./update project trees" is a leftover from the
old build system design, prior to audits.

this particular call is for when xtree is defined,
which means that a given tree must rely on the given
coreboot tree defined by xtree. the "xtree" tree is
downloaded, so that its crossgcc builds can be re-used
to save time when building targets across many trees.

this is because trees often use identical crossgcc builds.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-21 18:09:41 +01:00
Leah Rowe 1e54db2989 git.sh: allow patching submodules
for single-tree project (e.g. flashprog):
config/submodule/PROJECT/MODNAME/patches

for multi-tree project (e.g. coreboot):
config/submodule/PROJECT/TREE/MODNAME/patches

MODNAME is e.g.:
3rdparty/vboot directory in coreboot: would become vboot
(the submodule codepath is filtered to up to the final slash)

another example:
submodire src dir 3rdparty/foo/bar
MODNAME would be "bar"

Add whatever patches you like to a given submodule.

An example patch is included in this commit.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-20 00:10:27 +01:00
Leah Rowe 00e00a18d0 git.sh: don't delete .git if src/project/project
otherwise, "./update release" will epicly fail

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-19 23:04:37 +01:00
Leah Rowe 5b8928c7c9 git.sh: remove fetch_from_upstream()
the function is very small and only called once,
from fetch_project_trees()

merge it into fetch_project_trees()

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-19 07:50:24 +01:00
Leah Rowe 71baf65351 option.sh: don't return 1 in mkrom_tarball
one of the calling functions relies on the return value
to be always 0, so these error conditions in mkrom_tarball
have been altered to cause an *exit* (non-zero) instead.

in practise, the commands in question were printf commands
run after tho directory they output to had been created,
so write access would probably not be an issue.

nonetheless, technically correct is the best kind of correct.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-19 06:51:20 +01:00
Leah Rowe 1fe9c4b899 option.sh: mktar_release to mkrom_tarball
that's all it's used for, to compress the rom images

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-19 06:45:38 +01:00
Leah Rowe 5b5dccd630 vendor.sh: further simplify config handling
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-18 19:51:40 +01:00
Leah Rowe 8418ea9ab2 vendor.sh: greatly simplified config handling
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-18 19:45:52 +01:00
Leah Rowe 53b394f583 vendor.sh: move config checks to detect_firmware
they will later be removed, as part of unification against
other files that perform the same tasks

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-18 19:28:15 +01:00
Leah Rowe bb7255c34b vendor.sh: print an error upon ill-defined target
previously, it was attempting to load the configs and silently
failing. we must provide feedback to the user.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-18 11:25:28 +01:00
Leah Rowe 3f73f3d0b4 vendor.sh: remove redundant check
we literally do this check twice, in immediate succession.

avoid wasted i/o

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-18 11:20:56 +01:00
Leah Rowe 32923f5608 vendor.sh: simplify defconfig check
re-use check_defconfig from option.sh

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-18 11:14:39 +01:00
Leah Rowe f8e3ca3b22 git.sh: Remove .git if XBMK_RELEASE=y
The build system already deletes .git in all source
directories for each given release, but does so at
the very end; it still does, but now it is deleted
one by one per project, to save space during very
large builds (release sizes vary wildly, depending
on how many trees exist for coreboot basically).

If you're building entirely in tmpfs (as I do), this
could be a problem if you have lots of .git/ directories.

This change reduces disk usage, or in the above example,
memory usage when running the build system from tmpfs.

This complements another recent change, where ROM images
are compressed per target during release builds, rather
than all at the very end of the process. It is part of a
series of optimisations, to reduce the memory and disk
usage of the build system, and to reduce I/O wastage
in general.

This change will not be the last of such changes!

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-18 04:53:31 +01:00
Leah Rowe 839ef680cd lbmk: allow easier sync with cbmk
an equivalent change has been made in cbmk.

certain lbmk-specific variable names have been made
generic, with certain functions and other variables
moved around.

i maintain sync between libreboot and canoeboot, where
both projects can have the same behaviours, and most of
the merge conflicts have to do with variable names
containing "LBMK", "lbmk", "cbmk" or "CBMK", or
indeed "canoeboot" and "libreboot"

LBMK/lbmk/CBMK/cbmk variables between canoeboot and
libreboot now contain the string XBMK/xbmk

it should now be *much* easier to merge build system
changes between lbmk and cbmk.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-16 03:56:52 +01:00
Leah Rowe c6ba0a0e9b option.sh: delete check_git()
it's only used from main() in the main build script,
and it's very small, as is main()

therefore, move the logic into main()

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-15 04:03:16 +01:00
Leah Rowe e281966f22 remove check_project() (always set variables)
in lbmk, we call check_project() to set variables
such as projectname, version, version date

this is unnecessary, because all main scripts use
this functionality anyway

do it by default

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-15 03:04:41 +01:00
Leah Rowe 189b70ddcb build/roms: create full release tarball name
set relname from option.sh under check_project()

now the release logic simply has to move a directory

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-15 01:27:45 +01:00
Leah Rowe 36d45474c0 option.sh: don't bother checking for GNU tar
releases aren't reproducible anyway. we were
using options available in gnu tar for this.

it will be revisited at a later date. however, the next
time this is done, we will use another method because
there are in fact portable ways to create tarballs
reproducibly, documented on reproducible-builds.org

to be revisited, at a later date. for now, remove bloat.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-15 00:48:08 +01:00
Leah Rowe f0b604fc95 option.sh: remove insert_version_files()
it's only called once, from this file, within a small
function, and the function itself is very small.

remove, and put the contents of the function in the
calling function.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-15 00:45:01 +01:00
Leah Rowe 08c9f94a1a unified sha512sum creation for tarballs
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-15 00:37:12 +01:00
Leah Rowe 1ce7e33976 move rom tarball creation to script/roms
export LBMK_RELEASE="y"

if this is done, the tarball is created instead
of a directory, and the rom images are nuked using
./vendor inject with the nuke option, inserting the
correct version files; the rom directory is deleted

now the release script logic simple renames existing
tarballs. the benefit of this change is fewer lines of
code, and now lbmk doesn't use an insane amount of disk
space when building a *lot* of release images (the
uncompressed directories are deleted after each build)

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-14 23:44:28 +01:00
Leah Rowe 03fae0cf88 mrc.sh: remove redundant function extract_ref()
extract_ref() is no longer used

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-11 22:48:51 +01:00
Leah Rowe cc33974150 remove haswell mrc blob (libre raminit stable now)
broadwell mrc is retained, because it's needed on 820 g2

it's no longer needed on haswell, because nri is stable. nri
is short for "native ram initialisation", and libreboot provides
this for: thinkpad t440p, thinkpad w541, dell optiplex 9020 mt,
and dell optiplex 9020 sff

remove, in line with libreboot's binary blob reduction policy

previous revisions, prior to the recent release, stated that
it would be retained for compatibility, but it's really not
right to retain it, because doing so violates libreboot's policy

the recent release excluded mrc-based rom images for haswell
machines, providing only those rom images that use the libre
raminit, while retaining support for mrc in the build system, so
that users could still run the lbmk inject script on older release
roms that use mrc

again: libreboot's binary blob reduction policy is very clear:

https://libreboot.org/news/policy.html

it is a policy that can be summarised, thus:

if a blob can be avoided, it must be avoided.

therefore, we will avoid the Haswell MRC raminit blob

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-11 19:12:11 +01:00
Leah Rowe 05fbd39298 remove all status checks. only handle release.
the release variable is all we need, turning a target on
or off for a given release.

the status checks were prone to bugs, and unnecessary; it
also broke certain benchmark scripts.

it's better to keep the lbmk logic simpler. board status
will be moved to the documentation instead.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-11 18:53:12 +01:00
Leah Rowe 8ba0fd834d git.sh: remove errant comment
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-11 07:01:39 +01:00
Leah Rowe 029291e549 merge script/vendor/* into include/vendor.sh
stub it from the main build script

the commands remain identical:
./vendor download arguments_here
./vendor inject arguments_here

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-11 05:57:49 +01:00
Leah Rowe 5e4009b539 merge include/err.sh with include/option.sh
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-06 22:54:55 +01:00
Leah Rowe 58400fc4a5 err.sh: correct copyright info
i replaced 2022, 2023 with 2022, 2024 when updating
the years, as per modifications, but the 2023 copyright
doesn't become invalidated

change it to 2022-2024 instead, which is correct

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-06 16:13:13 +01:00
Leah Rowe 9caff26332 err.sh: update copyright info
i added a few changes during this year so far, 2024

update the copyright years

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-05-03 07:14:15 +01:00
Leah Rowe 91927760db build/roms: simplified status handling
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-04-28 20:33:38 +01:00
Leah Rowe 55204dc444 option.sh: don't use nproc (not portable)
export LBMK_THREADS=x

where x is an integer. this is already supported for
setting the number of build threads, but if not set
it uses nproc.

openbsd doesn't have nproc. default to 1 thread.

now you MUST set threads. e.g. in linux do:

export LBMK_THREADS=$(nproc)

preliminary work is being done to make lbmk run
on openbsd!

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-04-28 17:31:16 +01:00
Leah Rowe 6c4f07b350 allow disabling status checks during builds
export LBMK_STATUS=n

if not set, the status checks and confirmation dialogs
persist. if set to y they persist.

if you set it to n, all checks are disabled, so e.g.:

./build roms all

this would once again build all targets, regardless
of status. this is if you want the old behaviour.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-04-27 16:46:31 +01:00
Leah Rowe ce7fd754a3 build/roms: report status when building images
export LBMK_VERSION_TYPE=x
x can be: stable, unstable

in target.cfg files, specify:
status=x
x can be: stable, unstable, broken, untested
if unset, lbmk defaults to "unknown"

if LBMK_VERSION_TYPE is set, no confirmation is asked
if the given target matches what's set (but what's set
in that environmental variable can only be stable or
unstable)

if LBMK_RELEASE="y", no confirmation is asked, unless
the target is something other than stable/unstable

"unstable" means it works, but has a few non-breaking
bugs, e.g. broken s3 on dell e6400

whereas, if raminit regularly fails or it is so absolutely
unreliable as to be unusable, then the board should be
declared "broken"

untested means: it has not been tested

With this change, it should now be easier to track whether
a given board is tested, in preparation for releases. When
working on trees/boards, status can be set for targets.

Also: in the board directory, you can add a "warn.txt" file
which will display a message. For example, if a board has a
particular quirk to watch out for, write that there. The message
will be printed during the build process, to stdout.

If status is anything *other* than stable, or it is unstable
but LBMK_VERSION_TYPE is not set to "unstable", and not building
a release, a confirmation is passed.

If the board is not specified as stable or unstable, during
a release build, the build is skipped and the ROM is not
provided in that release; this is in *addition* to
release="n" or release="y" that can be set in target.cfg,
which will skip the release build for that target if "n"

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-04-26 20:36:42 +01:00
Leah Rowe 64177dbb8e exports variables from err.sh, not build
LC_COLLATE and LBMK_RELEASE are important variables. we want
to make sure that these are seen by everything.

since err.sh is included from all scripts, doing it there will
accomplish just that.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-04-26 08:20:19 +01:00
Leah Rowe 08859bb4a5 lbmk: export TMPDIR from err.sh, not build
lbmk sets TMPDIR to /tmp, and then creates a tmpdir, then
exports *that* as the value of TMPDIR. this unified TMPDIR
location then contains all subsequent files and directories,
when any script or program makes use of /tmp, via mktemp. at
least, that's the theory!

in practise, because it was only being properly exported from
the main build scripts, subscripts that are then called were
not exporting it, at least that is my assumption because in
some cases, i found that the coreboot build system was leaving
errant files behind outside of our own TMPDIR, and that build
system did not seem to be setting TMPDIR itself; more debugging
is needed.

anyway: use the exact same logic, but do it from err.sh. since
err.sh is included from every lbmk script, that means it will
always be exported when running every single part of lbmk. this
should reduce the chance that mktemp creates files and directories
outside of our custom TMPDIR location.

this is because in lbmk, we mitigate unhandled tmpdirs/files by
unifying it in the manner described, then deleting the entire
TMPDIR on exit from the main lbmk parent process (the main
script that the user called from, which is always the "build"
file).

in lbmk, effort is made to clean up temporary files properly,
without relying on this catch-all, but we can't rely on that.
the catch-all should also be as robust as possible.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-04-25 19:08:53 +01:00
Leah Rowe ed0678ae2e haswell: only provide NRI-based ROMs in releases
release="n" is set in target.cfg on haswell build targets
that use mrc.bin

script/update/release exports LBMK_RELEASE="y"

script/build/roms skips building a given target if release="n"
in target.cfg *and* LBMK_RELEASE="y"

you could also do the export yourself before running ./build roms,
for example:

export LBMK_RELEASE="y"
./build roms all

This would skip these ROM images. The native haswell raminit is
now stable enough in my testing, that I wish to delete the MRC-based
targets. This is in line with Libreboot's Binary Blob Reduction Policy,
which states: if a blob can be avoided, it should be avoided.

The problem is that users often run the inject script in *lbmk* from
Git, instead of from the src release archive. I forsee some users
running this on modern lbmk with older release images. If the mrc-based
target isn't there, the user may use an NRI-based target name, and
think it works; they will insert without MRC. I foresaw this ages
ago, which is why Caleb and I ensured that the script checks hashes,
and hashes are included in releases.

Therefore: for the time being, keep the MRC-based configs in lbmk
but do not include images for them in releases. This can be done
indefinitely, but I'll probably remove those configs entirely at
some point.

On the following boards, Libreboot now will *only* provide NRI-based
ROM images for the following machines:

* Dell OptiPlex 9020 SFF
* Dell OptiPlex 9020 MT
* Lenovo ThinkPad T440p
* Lenovo ThinkPad W541/W540

I now recommend exclusive use of NRI-based images, on Haswell
hardware. It's stable enough in my testing, and now supports S3.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-04-24 05:27:27 +01:00
Leah Rowe 332778973c allow users to specify number of build threads
lbmk otherwise uses nproc to set the number of build threads,
in these places:

* generic make commands in script/update/trees
* crossgcc make command in script/update/trees

the -T0 option is also used in script/update/release, when running
tar.

with this change, you can do:

export LBMK_THREADS=x

where x is the number of threads. when you then run
lbmk, your chosen number of threads will override
the default. this may be useful on a host that does
not have a lot of memory.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-03-27 07:38:16 +00:00
Leah Rowe 6ebab10caa safer, simpler error handling in lbmk
in shell scripts, a function named the same as a program included in
the $PATH will override that program. for example, you could make a
function called ls() and this would override the standand "ls".

in lbmk, a part of it was first trying to run the "fail" command,
deferring to "err", because some scripts call fail() which does
some minor cleanup before calling err.

in most cases, fail() is not defined, and it's possible that the user
could have a program called "fail" in their $PATH, the behaviour of
which we could not determine, and it could have disastrous effects.

lbmk error handling has been re-engineered in such a way that the
err function is defined in a variable, which defaults to err_ which
calls err_, so defined under include/err.sh.

in functions that require cleanup prior to error handling, a fail()
function is still defined, and err is overridden, thus:

err="fail"

this change has made xx_() obsolete, so now only x_ is used. the x_
function is a wrapper that can be used to run a command and exit with
non-zero status (from lbmk) if the command fails. the xx_ command
did the same thing, but called fail() which would have called err();
now everything is $err

example:

	rm -f "$filename" || err "could not delete file"

this would now be:

	rm -f "$filename" || $err "could not delete file"

overriding of err= must be done *after* including err.sh. for
example:

err="fail"
. "include/err.sh"

^ this is wrong. instead, one must do:

. "include/err.sh"
err="fail"

this is because err is set as a global variable under err.sh

the new error handling is much cleaner, and safer. it also reduces
the chance of mistakes such as: calling err when you meant to
call fail. this is because the standard way is now to call $err,
so you set err="fail" at the top of the script and all is well.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-03-27 01:50:31 +00:00
Leah Rowe 9071160c7a git.sh: also reset xtree/tree_depend here
it's still necessary here, to prevent the same bug
identified in the previous patch.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-01-26 11:15:23 +00:00
Leah Rowe c996118294 git.sh: fix bad call to ./update
Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-01-21 15:50:21 +00:00
Leah Rowe 3e7e0c7d48 git.sh: support downloading dependency trees
a tree can specify:

tree_depend="treename"

this will make the other tree be downloaded. this is
used for coreboot trees, to ensure that dependency
trees are downloaded, because trees can now re-use
crossgcc from other trees.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-01-21 12:59:02 +00:00
Leah Rowe 8f3d3eada9 re-use crossgcc builds on the coreboot trees
don't build crossgcc twice, especially if two coreboot
trees use the same revision!

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-01-21 06:26:23 +00:00
Leah Rowe 401c0882aa NEW MAINBOARD: HP EliteBook 820 G2
This is of Broadwell platform, one generation above Haswell.

Of note: this uses HP Sure Start. Although the flash is 16MB,
our CBFS section (and IFD configuration) assumes 12MB flash,
so the final 4MB will be left unflashed on installation,
after blanking the private flash. The coreboot documents have
more information about this.

Some minor design changes in lbmk were made, to accomodate
this port:

Support for extracting refcode binaries added (pulled from
Google recovery images). The refcode file is an ELF that
initialises the MRC and the PCH. It is also responsible for
enabling or disabling the Intel GbE device, where Google
does not enable it, but lbmk modifies it per the instructions
on the coreboot documentation, so as to enable Intel GbE.

Google's recovery image stores the refcode as a stage file,
but coreboot changed the format (for CBFS files) after 4.13
so coreboot 4.13's cbfstool is used to extract refcode. This
realisation made me also change the script logic to use a
cbfstool and ifdtool version matching the coreboot tree, for
all parts of lbmk, whereas lbmk previously used only the
default tree for cbfstool/ifdtool, on insertion and deletion
of vendor files - it was 81dc20e744 that broke extraction of
refcode on google's recovery images, where google used an older
version of cbfstool to insert the files in their coreboot ROMs.
A further backported patch has been added, copying coreboot
revision f22f408956 which is a build fix from Nico Huber.

Iru Cai submitted an ACPI bugfix after the revision lbmk
currently uses, for coreboot/default, and this fix is
needed for rebooting to work on Linux 6.1 or higher. This
patch has been backported to lbmk, while it still uses the
same October 2023 revision of coreboot.

Broadwell MRC is inserted at the same offset as Haswell,
so I didn't need to tweak that.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-01-10 00:50:29 +00:00
Leah Rowe 3b66a5bbfb git.cfg: simplified revision checking
it only needs to be checked before git reset

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-01-01 19:07:37 +00:00
Leah Rowe 535c9007fd add copyright 2024 leah rowe to edited files
i forgot to add 2024 on the copyright years, for my
copyright files that i edited on 1 january 2024

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-01-01 17:08:38 +00:00
Leah Rowe cea88fa827 git.sh: simplify submodule handling in git_prep
u-boot doesn't use submodules, so there's no point in
checking for it. now we can do with just one call to
the git submodule command, for simplicity

also, general code cleanup in this file (minor code
formatting improvements)

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-01-01 16:47:16 +00:00
Leah Rowe 1fcbadb8da git.sh: further simplify git_prep
the directory is checked for deletion, but it's already
checked before download, to see whether it already exists.
lbmk already exits with zero status if the directory exists,
so the check is pointless (in this function)

also, general code style/formatting cleanup

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-01-01 15:27:01 +00:00
Leah Rowe 48551ced3f git.sh: unify am/submodule and tree copying
do it all in a single function!

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-01-01 15:21:46 +00:00
Leah Rowe ce67c99f40 git.sh cleanup: git am handling (remove patchfail)
the patchfail variable was only needed in the old design,
where git am was being handled inside a subshell, and
also when we did it directly in the target directory
without using a temporary directory. with the current
design, we can just call err() and ditch the tmp repo

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-01-01 14:32:37 +00:00
Leah Rowe e6953dc4f0 git.sh: clean up handling of tmp_git_dir
delete it once once, and delete it much sooner, right
at the start of script/update/trees main()

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-01-01 12:41:43 +00:00
Leah Rowe d819403a0b git.sh: fix regression: patches before submodulse
there isn't really a problem right now, but a desired
and implemented behavioural change was that patches are
to be applied *before* updating submodules. well, the
previous commit reversed this change, under certain
conditions, such that submodules were applied first.
this patch fixes it, so that patches are done first.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-01-01 11:06:06 +00:00
Leah Rowe f4a14bd908 git.sh: clean up git submodule/am handling
unify all of the logic, where git am and submodule is handled

Signed-off-by: Leah Rowe <leah@libreboot.org>
2024-01-01 10:48:58 +00:00
Leah Rowe f3098f566c git.sh multi-tree: grab submodules *after* patches
right now, if we want to patch a project such that certain
submodules are no tdownloaded, or diffreent submodules are
downloaded, or current ones are downloaded from other
locations, we cannot do this, because we apply submodule
updates *before* applying patches.

therefore, we should change it so that they are applied
*after* installing patches.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-30 20:30:49 +00:00
Leah Rowe eb3a8e2b53 unify script/update/trees and script/build/grub
the script can now also handle autoconf build systems,
whereas this could previously only be done for grub.

with this change, the overall sloccount is also lower

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-30 13:53:45 +00:00
Leah Rowe 34ded35fa6 lbmk scripts: general code cleanup
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-28 16:34:45 +00:00
Leah Rowe bc87b5f67e lbmk scripts: general code cleanup
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-27 17:26:37 +00:00
Leah Rowe 0aca6332ee lbmk scripts: shorter code lines
while seemingly pedantic, this does actually make code
easier to read. mostly just switching to shorthand for
variable names, where no expansions or patterns are used

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-24 09:04:36 +00:00
Leah Rowe b4ab30577f lbmk scripts: general code cleanup
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-24 06:32:19 +00:00
Leah Rowe 655d3cdc88 lbmk scripts: general code cleanup/optimisation
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-23 17:51:32 +00:00
Leah Rowe 9d5d98ebae set version/projectname properly
lbmk used to set version/versiondate directly in
err.sh, but now it's handled there by a function,
which is called by the main script.

script/update/release hadn't yet been adapted. the
only change necessary is to call check_project()

script/update/trees also makes use of it

script/build/roms is using "projectname"

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-23 08:54:45 +00:00
Leah Rowe b0e5fc9d9c lbmk scripts: general code cleanup
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-23 02:52:30 +00:00
Leah Rowe ab65ea4c99 general code cleanup
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-22 10:24:00 +00:00
Leah Rowe fa25414bab mrc.sh: run debugfs from extract_partition
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-22 08:36:23 +00:00
Leah Rowe 8a87572227 mrc.sh: general code cleanup
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-22 06:34:14 +00:00
Leah Rowe 493ebdfb74 mrc.sh: remove redundant extraction logic
the extract_archive function already provides use
of unzip, and works just fine (for mrc.bin extraction)

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-21 16:16:11 +00:00
Leah Rowe 1153bc3b6c mrc.sh: don't run the shellball. use unzip.
the shellball (for extracting the coreboot rom, to get
at mrc.bin) contains lines that are not posix-friendly.

specifically, the "local" command is used, and this is
not defined for posix sh.

the shellball is essentially just a bunch of shell
functions that compress/decompress the zip file,
containing the firmware update. you can modify the
files and re-run the shellball to recompress, though
lbmk just uses the decompress function.

as pointed out by Nicholas Chin, it is possible to just
run "unzip" directly on the update, to get at bios.bin.

we don't really need all the extra checks performed by
the shellball, so let's just bypass it altogether.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-21 15:52:03 +00:00
Leah Rowe 7f98ab8e62 git.sh: simplify submodule handling
do not use a subshell. use git -C instead.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-19 03:53:47 +00:00
Leah Rowe f6ebab5702 option.sh scan_config: clean up if/else block
the code wasn't very clear. make it clearer.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-19 02:35:55 +00:00
Leah Rowe 3b7009aafa option.sh: print error on stderr, not stdout
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-19 02:32:56 +00:00
Leah Rowe c75ca20c0a option.sh: don't rely on zero status on printf
this part of the code *must* return. the for loop
afterwards must not be permitted to execute.

it's unlikely that this would ever occur, unless
perhaps the user is using a very buggy sh.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-19 02:32:30 +00:00
Leah Rowe 578f105d62 git.sh git_am_patches: reduce indentation
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-19 02:26:26 +00:00
Leah Rowe cbd19d81fd git.sh fetch_config: simplify tree name check
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-19 02:23:46 +00:00
Leah Rowe 1eb4df6748 fix several shellcheck warnings
lbmk didn't quote certain arguments in commands, or
used ! -z instead of -n, things like that. simple fixes.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-12-16 07:56:26 +00:00