lib.sh download() is used by subfile handling in git.sh,
e.g. crossgcc tarballs, and also the vendor scripts.
vendor files are cached, but not subfiles for repos.
cache both, under cache/file/, saved with the name equal
to the checksum, so: cache/file/CHECKSUM
also move vendorfiles/app/ to cache/app/ in this change.
Signed-off-by: Leah Rowe <leah@libreboot.org>
-d does the same as -b, except for actually building
anything! in effect, it does the same as -f (fetch)
except that the resulting variable assignments will
not be recursive (as with -f).
if -d is passed, configuration is still loaded, defconfig
files are still cycled through, and more importantly:
helper functions are still processed.
the grub, serprog and coreboot helper functions have
been modified to return early (zero status) if -d is
passed.
this behaviour will be used to integrate vendor.sh
logic in with the trees script, for cases where the
user wants to only handle vendor files. e.g.:
./update trees -b coreboot x230_12mb
this would download the files as usual, build coreboot,
with those files, and then build the payloads. but:
./update trees -d coreboot x230_12mb
this would download the files, NOT build coreboot, and
NOT build the payloads.
this change increases the sloccount a bit, but i'm relying
on the fact that the vendor.sh script already re-implements
config handling wastefully; the plan is to only use trees.
for now, simply stub the same ./vendor download command.
there is one additional benefit to doing it this way:
this method is *per-kconfig* rather than per-target.
this way, one kconfig might specify a given vendor file
that is not specified in the other. although the stub
still simply handles this per target, it's done in premake,
which means that the given .config file has been copied.
this means that when i properly re-integrate the logic
into script/trees, i'll be able to go for it per-kconfig.
the utils command has been removed, e.g.
./update trees -b coreboot utils default
the equivalent is now:
./update trees -d coreboot default
this would technically download vendor files, but here
we are specifying a target for which no kconfigs exist;
a check is also in place, to avoid running the vendor file
download logic if tree==target
the overall effect of this change is that the trees script
no longer contains any project-specific logic, except for
the crossgcc build logic.
it does include some config/data mkhelper files at the top,
for serprog and coreboot, so that those variables defined in
those files can be global, but another solution to mitigate
that will also be implemented in a future commit.
the purpose of this and other revisions (in the final push
to complete lbmk audit 6 / cbmk audit 2) is to generalise as
much logic as possible, removing various ugly hacks.
Signed-off-by: Leah Rowe <leah@libreboot.org>
stub it from the trees script. the way it works now,
there is less code in the build system.
./build roms
this is no longer a thing
./build roms serprog
this is also no longer a thing. instead, do:
./update trees -b coreboot targetnamehere
./update trees -b pico-serprog
./update trees -b stm32-vserprog
the old commands still works, which causes the new
commands to run
coreboot roms now appear in elf/, not bin/, as before,
but those images now contain payloads.
NOTE: to contradict the above: ./build roms is no
longer a thing, in that it's now deprecated, but
backward compatibility is present for now. it will
be removed in a future release.
./build roms list also still works! it will do:
./update trees -b coreboot list
also:
./update trees -b grub list
this is now possible too
if a target "list" is provided, for multi-tree sources,
the targets are shown.
there is another difference: seagrub roms are now seagrub_,
instead of seabios_withgrub.
seabios-only roms are no longer provided, where grub is also
enabled; only seagrub is used. the user can easily remove
the bootorder file, if they want seabios to not try grub first.
Signed-off-by: Leah Rowe <leah@libreboot.org>
the next command is a copy, which would give us the error
if the file doesn't exist, and an appropriate message
Signed-off-by: Leah Rowe <leah@libreboot.org>
this is over-engineering, because we do not allow just
about any path to be provided; it's not provided as an
argument in a command, for example.
this is dictated by a configuration file, which we control.
Signed-off-by: Leah Rowe <leah@libreboot.org>
we don't need to check whether the binary exists, because
make already does that for us.
we still need to check that the directory exists, because
older versions of coreboot did not include kbc1126, and we
do still use older coreboot revisions on some boards.
Signed-off-by: Leah Rowe <leah@libreboot.org>
if injection is attempted, verification comes next,
and verification fails.
this happens for kcma/kgpe amd boards, where pike2008
fake roms are inserted by inserting the correct pci
ids using /dev/null as a source. an empty pike2008 rom
prevents seabios from loading the real pci rom, and this
is done because the real one hangs SeaBIOS.
a similar fix was made for ./vendor download, but
overlooked for ./vendor inject. this patch fixes that.
Signed-off-by: Leah Rowe <leah@libreboot.org>
again: the trees script already checks binaries,
and already checks sources. if they exist, the
relevant action is skipped entirely.
we don't need to check it in vendor.sh, because the
trees script already performs the same check.
Signed-off-by: Leah Rowe <leah@libreboot.org>
we don't need to download the entire coreboot tree here,
because the next command after it builds utils from that
tree, using the trees script which would then go and
download that tree anyway; this is part of the design.
if a given elf binary exists, it won't be re-built, but
the missing sources will still be downloaded automatically.
Signed-off-by: Leah Rowe <leah@libreboot.org>
mktemp will never return empty output, and the next
command after it is an mkdir, which would throw an
error anyway, if the string is empty.
Signed-off-by: Leah Rowe <leah@libreboot.org>
also remove inject_vendorfiles() and merge it
into vendor_download()
the "release" variable is included in some target.cfg
files, which we put in config/coreboot/ and handle
here, so they could conflict with the release variable
used in vendor.sh, used for a different purpose. therefore,
rename it to "vrelease".
Signed-off-by: Leah Rowe <leah@libreboot.org>
replace it with logic that simply uses "." to load
files directly. for this, "vcfg" is added as a variable
in coreboot target.cfg files, referring to a directory
in config/vendor/ containing a file named pkg.cfg, and
this file then contains the same variables as the
erstwhile config/vendor/sources
config/git files are now directories, also containing
pkg.cfg files each with the same variables as before,
such as repository link and commit hash
this change results in a noticeable reduction in code
complexity within the build system.
unified reading of config files: new function setcfg()
added to lib.sh
setcfg checks if a config exists. if a 2nd argument is
passed, it is used as a return value for eval, otherwise
a string calling err is passed. setcfg output is passed
through eval, to set strings based on config; eval must
be used, so that the variables are set within the same
scope, otherwise they'd be set within setcfg which could
lead to some whacky results.
there's still a bit more more to do, but this single change
results in a substantial reduction in code complexity.
Signed-off-by: Leah Rowe <leah@libreboot.org>
nowadays, we don't insert GRUB keymaps automatically, for
sake of efficiency; without one, the default is US QWERTY.
a user will only want one keymap in particular, so this
is more efficient. in practise, they're either building
from source anyway, or using the inject scripts which
compile cbfstool anyway, so the user will already have
cbfstool.
also output this message from the inject script.
Signed-off-by: Leah Rowe <leah@libreboot.org>
i don't like that it's not there, because of the quirks
in sh behaviour. put it there to put my mind at ease.
otherwise, this doesn't change any behaviour.
Signed-off-by: Leah Rowe <leah@libreboot.org>
in future revisions, i will make tarballs become subfiles,
to complement submodules. e.g. crossgcc tarballs in coreboot
Signed-off-by: Leah Rowe <leah@libreboot.org>
one directory per util, under elf/
e.g. elf/cbfstool/
further split by tree name, e.g.:
elf/cbfstool/default/
elf/cbfstool/foo/
Signed-off-by: Leah Rowe <leah@libreboot.org>
We use a path of /dev/null pointing to a ROM for
Fam15h AMD boards, to add fake PIKE2008 images.
This is to mitigate a hang in SeaBIOS, but now with
recent changes, this causes the command below to
download coreboot, when it should just exit saying
no vendor files needed. Prevent accidentally wasted
bandwidth. The command was:
./vendor download kcma_d8_rdimm_16mb
This now correctly does the following:
$ ./vendor download kcma_d8_rdimm_16mb
Vendor files not needed for: kcma_d8_rdimm_16mb
The joys of programming a build system in sh!
Signed-off-by: Leah Rowe <leah@libreboot.org>
By default, the build system does set -u -e
Some errors are unavoidable and have to be handled, so
we have to set +u +e (turn off error handling in sh),
when downloading vendor files, but only certain parts of
vendor.sh trigger errors (which cause an exit).
Replace the current bazooka approach with a more fine
grained approach, turning error handling back on again
when it is safe to do so.
In the parts of the code where it is disabled, the code
is written very, very carefully, with errors still handled
manually, but more careful auditing is required.
This change has been tested and makes the command much
safer to run. In security (or any bug auditing), it is
the principle of least privilege that holds true.
Signed-off-by: Leah Rowe <leah@libreboot.org>
e.g. coreboot/default contains no config directory, so
the old logic would be trying to do:
.
which is obviously invalid
now for example:
$ ./vendor download default
Vendor files not needed for: default
and it will exit with zero status
the only thing that should ever return non-zero status
is when you define a target that does not exist, config
or no.
Signed-off-by: Leah Rowe <leah@libreboot.org>
previously, it was attempting to load the configs and silently
failing. we must provide feedback to the user.
Signed-off-by: Leah Rowe <leah@libreboot.org>
an equivalent change has been made in cbmk.
certain lbmk-specific variable names have been made
generic, with certain functions and other variables
moved around.
i maintain sync between libreboot and canoeboot, where
both projects can have the same behaviours, and most of
the merge conflicts have to do with variable names
containing "LBMK", "lbmk", "cbmk" or "CBMK", or
indeed "canoeboot" and "libreboot"
LBMK/lbmk/CBMK/cbmk variables between canoeboot and
libreboot now contain the string XBMK/xbmk
it should now be *much* easier to merge build system
changes between lbmk and cbmk.
Signed-off-by: Leah Rowe <leah@libreboot.org>
broadwell mrc is retained, because it's needed on 820 g2
it's no longer needed on haswell, because nri is stable. nri
is short for "native ram initialisation", and libreboot provides
this for: thinkpad t440p, thinkpad w541, dell optiplex 9020 mt,
and dell optiplex 9020 sff
remove, in line with libreboot's binary blob reduction policy
previous revisions, prior to the recent release, stated that
it would be retained for compatibility, but it's really not
right to retain it, because doing so violates libreboot's policy
the recent release excluded mrc-based rom images for haswell
machines, providing only those rom images that use the libre
raminit, while retaining support for mrc in the build system, so
that users could still run the lbmk inject script on older release
roms that use mrc
again: libreboot's binary blob reduction policy is very clear:
https://libreboot.org/news/policy.html
it is a policy that can be summarised, thus:
if a blob can be avoided, it must be avoided.
therefore, we will avoid the Haswell MRC raminit blob
Signed-off-by: Leah Rowe <leah@libreboot.org>
stub it from the main build script
the commands remain identical:
./vendor download arguments_here
./vendor inject arguments_here
Signed-off-by: Leah Rowe <leah@libreboot.org>
move it all to other files where items are used, and not
used anywhere else. this reduces the size of vendor.sh.
also remove a few redundant variables, or variables that
are not meaningfully used.
a few items have been moved to include/option.sh
Signed-off-by: Leah Rowe <leah@libreboot.org>
they are the functions only used by the download
script, so they don't belong in vendor.sh
an include file should only contain variables and
functions used by multiple main scripts
Signed-off-by: Leah Rowe <leah@libreboot.org>
This way, the handling of configs is unified into one
script, which reduces the possibility of bugs later,
and it reduces the repetition of code.
Signed-off-by: Leah Rowe <leah@libreboot.org>
coreboot closely matches upstream, whose current release
is version 1.2 from 2018, and coreboot has not changed it
in any meaningful way.
the upstream did add patches since, but they are documentation
patches only.
this means: we do not need to use the upstream version
Signed-off-by: Leah Rowe <leah@libreboot.org>
in the future, we may start downloading files that aren't
blobs, such as mxm port configs (on mainboards that use
MXM graphics)
this directory will contain all of those files
generally change the language used, across lbmk, to make
use of "vendorfile" instead of "blob"
Signed-off-by: Leah Rowe <leah@libreboot.org>
Leah Rowe