note: me6_update_parser needs to be written, similar
to me7_update_parser, to generate the partition
tables within intel me6 on lenovo bios updates.
the current logic in lbmk goes like this:
mkdir -p vendorfiles/cache/
and save your factory dump as:
vendorfiles/cache/x201_factory.rom
the build system has been modified, in such a way
as to support extracting me.bin (which is the full
one) and then neutering from this.
this is done automatically, if the file is present,
but you must first insert that file there, which means
you'll need a dump of the original boot flash on your
thinkpad x201
Signed-off-by: Leah Rowe <leah@libreboot.org>
the patch:
https://review.coreboot.org/c/coreboot/+/78270
this has been reverted, because it caused s3 resume
issues on most intel laptops in libreboot.
i was going to merge this instead:
https://review.coreboot.org/c/coreboot/+/78623
however, it's under review, and this doesn't change
to the old behaviour; it keeps the new universal
config, but changes the default
we know the old logic works, so keep that for now.
in fact, the offending patch was only merged to
main in coreboot, one day before i recently
updated coreboot revs in coreboot/default - i used
a 12 october revision, the patch above is 11 october
i then ran "./update trees -u coreboot" which updated
the heap sizes back to the old defaults. this should
fix s3 suspend/resume where it was broken, in the
libreboot 20231021 release - a point release with this
and a few other fixes is planned soon.
Signed-off-by: Leah Rowe <leah@libreboot.org>
the logic for naming coreboot roms is based on whether
cpu_microcode_blob.bin would exist in cbfs, and whether
deletion was therefore successful.
lbmk was naming nomicrocode on fam15h roms on this basis,
but the microcode was being inserted as microcode_amd.bin
and microcode_amd_fam15h.bin
in the recent 20231021 release, the roms were exclusively
labeled _nomicrocode in the rom names, but they do in fact
contain microcode.
i'm fixing it by telling lbmk *not* to delete microcode.
if microcode_required is not set, or it's set to y, then
only roms *with* microcode updates are provided; even if
the rom doesn't actually contain it, lbmk will only label
it _nomicrocode if that setting is set to n.
i'm not bothering to add further complexity to the rom
handling logic, because canoeboot now exists anyway (at
website https://canoeboot.org/) which is my new version
re-implementing the older, inferior version of libreboot
so i'm going to:
1) document this as errata in the release
2) cross reference in the freedom status page
3) if someone still isn't happy, i'll say use canoeboot
job done.
Signed-off-by: Leah Rowe <leah@libreboot.org>
it wasn't being copied right
the roms under elf/ were being copied, but not the ones
under bin/ - i need to audit it further
for now, i run modify_coreboot_roms from build/roms
instead of update/trees
so, the ones under elf/ no longer have bootblocks copied.
it's only done in bin/
Signed-off-by: Leah Rowe <leah@libreboot.org>
when building only for u-boot, the current script
works just fine. however, when building for other
payloads in additional to u-boot, the final u-boot
stage fails because other payloads are already
inserted via cbfs.
when we build u-boot, we do that last because we want
u-boot setups to only be u-boot, nothing else.
this patch enables qemu x86 to build properly with
u-boot.
Signed-off-by: Leah Rowe <leah@libreboot.org>
Add a U-Boot build for the qemu_x86_12mb board. The config is a copy of
the upstream "coreboot" defconfig, but with OF_EMBED=y.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Add my upstream U-Boot series enabling video console support by default
for QEMU ARM virtual machines. Similarly, enable the related config
options for our builds using savedefconfig and olddefconfig.
The resulting ROM can be booted with a command line like:
qemu-system-aarch64 \
-machine virt,secure=on,virtualization=on \
-cpu cortex-a72 -m 1G \
-serial stdio -device VGA \
-device qemu-xhci \
-device usb-kbd -device usb-mouse \
-bios bin/qemu_arm64_12mb/*.rom
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
gru_bob fails to build without python-setuptools. this isn't a huge issue,
because most users probably have it already as many other python programs
depend on it too. that's probably why no one noticed until now,
when i tried to do this on a fresh artix install uncontaminated by python.
i also sorted and deduplicated the packages with 'sort -u'.
github's httpd b0rked the fuck out and i didn't want to wait
for them to fix it (ssl cert error) before i continued a build.
i now host the relevant acpica tarball on libreboot rsync,
mirrored to princeton.
Signed-off-by: Leah Rowe <leah@libreboot.org>
keymaps weren't being set in keymay.cfg of cbfs, due
to use of x_ in the rom script, and x_ doesn't handle
quotes or spaces in arguments well.
i'm going to remove use of x_ and xx_ (it's in my todo),
for next release.
for now, hot patch the release. i've gone through and
replaced use of x_ with || err, in some places.
not just the keymap.cfg command, but others too. in case
there are more issues we missed.
this commit is being tagged "20231021fix" and i'm using
this tag to re-build the 20231021 release. i'll just
replace the tarballs in rsync and add errata to the news
page announcing the release. all i did was break peoples
umlauts, i didn't brick their machines fortunately!
very minor bug. anyway, x_/xx_ is a great idea, but sh
isn't really designed for that style of programming. i'll
go back to using just || err in the next release.
Signed-off-by: Leah Rowe <leah@libreboot.org>
it's not used by anywhere else in lbmk, but the release build
script will automatically download each project named as per
file names in config/git/
this is a stupidly simply way to prove documentation in
libreboot releases, and i've used current revisions corresponding
to the Libreboot 20231021 release, for this 20231021 release
of lbmk.
Signed-off-by: Leah Rowe <leah@libreboot.org>
it's been a while since we did encrypted /boot
and the current name sucks.
it's unlikely that anyone still uses it, but
people will soon
change the default assumed lvm name to grubcrypt
and stick to that.
Signed-off-by: Leah Rowe <leah@libreboot.org>
clean it up after copying the tarballs
i really hate how this logic is written, it's clunky
but it should work; the only issue is that it's quite
slow, and inefficient on use of disk space.
however, i've not yet figured out how to reproducible
add files to a tarball, once the tarball has been created,
and i rely on sorting (of file names) when creating them.
it's really not a problem because normal people won't
use this script, only i or anyone who wants to test out
the libreboot release infrastructure. this script is
largely intended to *work*
but i'm still annoyed by how crappy it is. i'll fix it
after the Libreboot 20231021 release.
Signed-off-by: Leah Rowe <leah@libreboot.org>
notabug is unreliable, even as a backup.
why, just today, it was offline! all day.
i originally moved libreboot away from notabug,
to codeberg instead, but kept the notabug account
online, and i still push to it when it's online.
however, notabug seems to be in a terminal state
of neglect by its admins, so lbmk should not use it.
Signed-off-by: Leah Rowe <leah@libreboot.org>
everything downloaded, then tarballed, then built,
now crossgcc is downloaded by coreboot.
now extract, copy crossgcc tarballs, re-compress.
TODO: simply add files to the archive, without re-
compressing the whole thing.
this is still more efficient than the old way: build
everything, then clean and compress, making another
build test on the release archive necessary; with this,
there is still only one build test per release.
with this, and the previous revisions dealing with
submodules, the source archives should now be complete.
Signed-off-by: Leah Rowe <leah@libreboot.org>
in release archives, .git is excluded but the version
and versiondate files are included. from these, the
git history is re-created with the exact date (but not
taking into account timezone, at present).
in this way, lbmk will have git history in a release
archive. some build systems, like coreboot, prefer that
there be git history available, so this is a nice
workaround on those build systems.
Signed-off-by: Leah Rowe <leah@libreboot.org>
flashrom-stable isn't really going anywhere
i'll decide at some future point what to do
with flashrom. for now, just give latest rev
Signed-off-by: Leah Rowe <leah@libreboot.org>
the grub backup was the same gnu server
i decided to host grub on codeberg, as backup
(gnu links as primary is ok)
Signed-off-by: Leah Rowe <leah@libreboot.org>
it's ok for now to use it as a backup.
where only github was specified, i mirrored each
given repository to codeberg as main repo for lbmk.
Signed-off-by: Leah Rowe <leah@libreboot.org>
it's not actually needed in lbmk
flashrom can be downloaded separately by the user,
if they want to flash their chip
Signed-off-by: Leah Rowe <leah@libreboot.org>
do it using find -exec
this is more robust, and it will never need to be
maintained over time (famous last words).
this is done because now we download submodules
for all git projects, so it's hard to predict.
Signed-off-by: Leah Rowe <leah@libreboot.org>
when [] is used right at the end of a function, or
certain loops/subshells, some sh implementations will
just return a non-zero exit
Signed-off-by: Leah Rowe <leah@libreboot.org>
only fetch if .gitmodules exists
in some cases, lbmk is compiling source trees that
use submodules, without having downloaded them first.
in all cases, those submodules are either optional,
or the build system auto-fetches them (or if it can,
we sometimes disable it as with grub and gnulib).
this is a nice fallback behaviour, for situations where
we forget to put submodules as dependencies under
config/git (and disable submodules in the given project).
with this change, release archives are guaranteed to
be complete, sans crossgcc downloads in coreboot; this
will be handled in a follow-up commit.
Signed-off-by: Leah Rowe <leah@libreboot.org>
config/git has been re-arranged in a prior revision,
ensuring that each file only refers to a main source
tree defined within those files.
the erstwhile "./build clean all" functionality is now
once again possible in lbmk
Signed-off-by: Leah Rowe <leah@libreboot.org>
don't put multiple downloads in the same files, except
when they are dependencies that go inside the directory
of another download.
by doing this, the following functionality will become
possible: clean every project or build every project,
or maybe fetch every project, based entirely on the
names of these files.
this will be used later to simplify the release script.
Signed-off-by: Leah Rowe <leah@libreboot.org>
in some cases, use of x_ or xx_ can be error-prone,
due to the way $@ is handled; commands requiring
quotes, or with funny file names as arguments such
as spaces in the file name, or other special
characters, can make the x/xx functions break.
in those cases, where x/xx must not be used, the
commands use || err instead
in other cases, use of x/xx is superfluous, and has
been removed in some commands.
Signed-off-by: Leah Rowe <leah@libreboot.org>
as opposed to the current 3-level structure.
recent build system simplifications have enabled
this change, thus:
./build fw coreboot -> ./build roms
./build fw grub -> ./build grub
./build fw serprog -> ./build serprog
./update project release -> ./update release
./update project trees -> ./update trees
./update vendor download -> ./vendor download
./update vendor inject -> ./vendor inject
alper criticised that the commands were too long,
so i made them shorter!
Signed-off-by: Leah Rowe <leah@libreboot.org>