these commands weren't being run at all, leading
to binaries (such as xgcc) not being removed, and
thus they were present in tested release archives.
this bug did not affect libreboot 20230625. it
appeared during my audit, post-20230625.
Signed-off-by: Leah Rowe <leah@libreboot.org>
there were a few missing err calls
i actually went through all of lbmk and found no
instances where err calls were missing except in
build/boot/roms_helper
Signed-off-by: Leah Rowe <leah@libreboot.org>
if you copy a symlink, you create a whole new file with the
contents of what that symlink points to.
what we need to do instead is re-create the symlinks. this
is relevant for all symlinks to the main lbmk script, from
the main directory of lbmk.git.
this avoids there being multiple copies of the main lbmk
script, in release archives.
Signed-off-by: Leah Rowe <leah@libreboot.org>
in some cases, messages that should be considered errors
or warnings, were being written to the standard output,
rather than written as error messages.
also: one or two printf statements should specifically
avoid printing errors (to any file); in these cases,
stdout has been redirected to /dev/null
Signed-off-by: Leah Rowe <leah@libreboot.org>
these scripts used to be in the main directory of
lbmk, and thus needed to check for root user, and
also git credentials. now they are called by the main
lbmk script, which also runs the same checks.
avoid waste of resources by not running the same
check twice.
Signed-off-by: Leah Rowe <leah@libreboot.org>
on e6400_4mb, the release build scripts remove nvidia's vga
rom which is used on dgpu models. however, microcode is also
removed in separately copied rom images
the inject script was inserting vgaroms directly into these
no-microcode roms, but the microcode blob is bigger than the
vga rom, and cbfstool inserts into the first available free
spot within cbfs, so it was inserting into the spot where
cpu microcode went. this caused the rom checksum to not match
what was generated during build/release/roms being executed
the only real fix is to guarantee offsets within cbfs for all
files, by recording what offsets were used and then calculating
that during insertion
so this patch is a workaround, but fixes the issue. the workaround
is: don't insert blobs directly on no-microcode roms, instead
insert only on microcode-based roms, then re-copy those roms
and remove microcode in aptly named copies
it's a bit more convoluted, but works perfectly fine.
Signed-off-by: Leah Rowe <leah@libreboot.org>
sha-1 has known collision issues, which may not be readily
exploitable yet (in our context), but we should ideally use
a more secure method for checking file integrity.
therefore, use sha-2 (sha512sum) for checking files. this is
slower than sha-1, but checksum verification is only a minor
part of what lbmk does, so the overall effect on build times
is quite negligible.
Signed-off-by: Leah Rowe <leah@libreboot.org>
Tested on a Nucleo-F042K6.
That has an onboard stlink:
`st-flash --format ihex write bin/serprog_stm32/serprog_nucleo-f042k6.hex`
The usb port used for flashing is separate, its is exposed on
the pin header instead. Check boards/nucleo-f042k6.h for usb pinout.
Signed-off-by: Riku Viitanen <riku.viitanen@protonmail.com>
where it is set to "both" (grub_scan_disk), inserting
scan.cfg is superfluous, because grub.cfg defaults to
both anyway, unless otherwise specified by scan.cfg,
and only if that file exists within cbfs.
thus, save a bit of build time (only a slight saving)
Signed-off-by: Leah Rowe <leah@libreboot.org>
target.cfg can now specify e.g.
grub_timeout=20
this would then be inserted as timeout.cfg in cbfs,
containing the instruction:
set timeout=20
HP laptops need a bit of extra time, due to the delay
caused by the EC bug workaround deployed in GRUB
desktops in general need extra time. this too is set to
10s, like the HP laptops.
only insert timeout.cfg if actually needed (declared in
target.cfg), otherwise grub.cfg will default to 5s
Signed-off-by: Leah Rowe <leah@libreboot.org>
My previous patch b0rked memtest and others because when making sure
their parent directory (the project root) exists, it would instead create
the project directory (memtest86lus). The later move would then put the
git repo inside that (memtest86plus/memtest86plus_123456).
We just need to make sure we don't create the target directory itself.
This way, there's no need to hardcode any project names.
Tested by ./updating rpi-pico-serprog, memtest86plus, grub and seabios.
Signed-off-by: Riku Viitanen <riku.viitanen@protonmail.com>
we are copying large numbers of ROM images, and the
host system may have /tmp under a tmpfs; that same
host system may or may not have a lot of memory.
respect the user's machine.
Signed-off-by: Leah Rowe <leah@libreboot.org>
we must conserve memory usage, in the event that the
user's /tmp is a tmpfs. copying of ROM images into
tmpfs is ill advised; we must copy them, due to how
the release process works (e.g. stripping of blobs,
but this must be done in a way so as to not interfere
with regular builds, thus they are copied instead)
Signed-off-by: Leah Rowe <leah@libreboot.org>
now under coreboot mainboards, target.cfg can specify
a background. if not specified, the 1280x800 one is
assumed, and used by default. it can be overridden.
the path should be relative to:
config/grub/background/
Signed-off-by: Leah Rowe <leah@libreboot.org>
explicitly set the count to 3, so that a maximum of 3
attemps are made per download, barring fatal errors such
as http 404.
Signed-off-by: Leah Rowe <leah@libreboot.org>
the /tmp/ file system may be a tmpfs, with conservative
memory limits, depending on host system.
it's more likely that the user will have enough disk space
under tmp/ within lbmk (if they don't, they can't use
lbmk anyway). that is to say: more likely that they would
have the disk space, but not the memory.
Signed-off-by: Leah Rowe <leah@libreboot.org>
check based on whether defconfigs are available, which
are used extensively, rather than checking based on
whether target.cfg is available, which is not used
Signed-off-by: Leah Rowe <leah@libreboot.org>
also: only return zero status if rom images were succesfully
built, and print a list of each rom image directory based on
what was actually compiled, rather than just saying that the
rom images are stored under bin/
Signed-off-by: Leah Rowe <leah@libreboot.org>
the handling of target.cfg is *not* required, in
this script. other mechanisms are also used for
error checking. this script only uses defconfigs.
Signed-off-by: Leah Rowe <leah@libreboot.org>
they weren't even handled at all, but they were referenced
under coreboot configuration
they don't need to be handled. lbmk simply includes these files.
Signed-off-by: Leah Rowe <leah@libreboot.org>
it doesn't really make sense for them to be under
blobs/ - nominally, they are blobs, but they are
well-understood data files containing config data,
that is easily parsed by tools like ich9show or
ifdtool (and tools like bincfg or nvmutil)
blobs/ has been re-purposed: this directory no longer
exists in lbmk, but it is created (and on .gitignore)
when needed, by blobutil
thus, the blobs/ directory shall only contain vendor
files, and only those files that libreboot scrubs from
releases. therefore, build/release/src can (and has
been) simplified; it currently copies just the ifd and
gbe files from blobs/, selectively, and this logic is
quite error prone, requiring maintenance. now, the
build/release/src script simply copies config/ (which
only ever contains distributable files) and entirely
ignores the blobs/ directory
the blob download script already creates the required
directory, except for the sch5545 download; this is
now fixed
lbmk code size is slightly smaller, due to this patch
Signed-off-by: Leah Rowe <leah@libreboot.org>
This cuts down on build time, and it will allow libreboot
to remove large chunks of code.
these ifd/gbe configs are just binary-encoded config files,
in a format well-understood. they can easily be opened up
and displayed, using ich9show or ifdtool, and manipulated
by these tools; bincfg can generate them from scratch, and
nvmutil can change mac addresses, for example.
so, do this and remove from lbmk the following:
* ich9utils (which contains ich9gen) - not needed anymore
* code in lbmk for handling ich9gen and insertions; the
coreboot build system is now used, for this same purpose,
so remove such code from lbmk
this results in a massive code size reduction (thousands of
lines) in lbmk; smaller when only looking at the build
system, but much larger when you consider that ich9utils
is also removed (about 3k sloc)
Signed-off-by: Leah Rowe <leah@libreboot.org>
a follow-up patch will make use of these, rather than ich9gen,
and ich9gen will be deleted.
these files were in fact generated *by* ich9gen.
coreboot has ifdtool and bincfg, the latter of which can
generate both ifd and gbe files for ich9m. that, and nvmutil
which is part of libreboot, can change gbe mac addresses.
i was going to replace ich9gen with a script that would run
bincfg, ifdtool and nvmutil, to greatly reduce code size,
because ich9gen is about 3k sloc.
however, in practise we would always generate the same ifd
config, and basically only change the mac address if that's
what the user wants; nvmutil can already do that just fine.
so, just include the binaries directly.
Signed-off-by: Leah Rowe <leah@libreboot.org>
the mkdir command in update/project/repo, added for
pico-pi integration, broke a bunch of other downloads.
the fix is a bit of a hack but it should hold for now.
Signed-off-by: Leah Rowe <leah@libreboot.org>
More than 90% of cats were thus terminated.
read (shell built-in) is better at reading, and dogs are better pets.
Signed-off-by: Riku Viitanen <riku.viitanen@protonmail.com>
the way this script works, it only copies what was built,
but it currently operatios as though coreboot/default
always exists, and then cleans the kbc1126 util
this patch fixes such buggy behaviour
Signed-off-by: Leah Rowe <leah@libreboot.org>
The -c option is added for distclean, and -x for crossgcc-clean,
in handle/make/config
about 100 sloc removed from lbmk
Signed-off-by: Leah Rowe <leah@libreboot.org>
The -T option specifies how many threads xz shall use.
The -T value of zero shall dictate that xz use so many
threads as there are CPUs, on the host system.
This will probably speed up the release process a bit.
Signed-off-by: Leah Rowe <leah@libreboot.org>
The same ROM images that you flash on Intel GPU variants,
are now flashed on Nvidia models. The same ROM will work
on both. If an Intel GPU variant is present, libgfxinit
is used, and the VGA ROM is used if an Nvidia GPU variant;
however, release ROMs will scrub the nvidia option ROM,
so release ROMs will only work on Intel GPUs unless you
run the blobutil inject command.
I decided to no longer have this under WIP, but to put
it in master. The issue with it pertains to video drivers,
which is not Libreboot's problem.
Nouveau crashes under Linux, so use "nomodeset" if it does.
The "nv" drivers in BSD systems work very well.
The nvidia model of E6400 isn't recommended for other
reasons, namely: poor thermal cooling (thermal pad on
the GPU) and that Nvidia GPU doesn't get very good
performance on any libre drivers anyway. The Intel GPU
variant is better, in terms of power efficiency and
software support; the intel variant also works with
native graphics initialisation in coreboot.
This board port already only enables SeaBIOS, which will
simply execute the VGA ROM. Blobutil already supports
reading the config, detecting that a VGA ROM is needed,
because that part of the WIP E6400 branch was already
merged in lbmk master.
Signed-off-by: Leah Rowe <leah@libreboot.org>
they weren't being copied back, after running the
make command. i overlooked this when testing in
the previous optimisations, because i only tested
building, not modification or updating of configs
Signed-off-by: Leah Rowe <leah@libreboot.org>
the current check only worked if it had already
been built, when checking for the Makefile
however, running this during build/release/src
caused problems, hence the current check
so: perform the same check, but as a fallback for
cmake failing (and if that check fails, only then
will err be called)
Signed-off-by: Leah Rowe <leah@libreboot.org>
lbmk never needed a makefile, because the build system
is all shell scripting; the former makefile simply called
those scripts, in a way that was mostly superfluous
build/release/src was still trying to copy it, so let's
remove it from that file
Signed-off-by: Leah Rowe <leah@libreboot.org>
it was previously trying to "continue", despite not being
inside a loop. the correct instruction would have
been "return 0", but then I thought it'd be better to
err here
Signed-off-by: Leah Rowe <leah@libreboot.org>
this means the unified /tmp handling is now provided for
in both the former "fetch" and "fetch_trees" script, which
are now (respectively):
./update project repo
./update project trees
if the fetch scripts weren't cleaning /tmp before, they
now are, because lbmk handles it
Signed-off-by: Leah Rowe <leah@libreboot.org>
libreboot's build system, lbmk, *is* available to use
in releases aswell (use the _src tarball), but it is
mostly intended for development, in lbmk.git
well, there's not much point wasting time / disk space
generating no-microcode roms within lbmk
they should be generated only at release time, alongside
the default ones
this patch implements that, thus speeding up the build
process and saving disk usage during development
the other alternative was to add a new option in
build/boot/roms, -m, that would opt in to removing them,
but this is extra complexity for something that is ill
advised and only provided to appease certain people
Signed-off-by: Leah Rowe <leah@libreboot.org>
most of these steps do not need to be repeated, per image.
move it into handle/make/config, so that the steps are
performed on files that go under elf/coreboot (this will
save on build time).
the logic for handling 4MB ROM images on sandy/ivy was unused,
and has been removed.
Signed-off-by: Leah Rowe <leah@libreboot.org>
the error messages that it shows are benign, but users
see them and worry that something went wrong
this patch reduces the number of people asking pointless
questions on irc
Signed-off-by: Leah Rowe <leah@libreboot.org>
new behaviour:
* grub.cfg and grubtest.cfg no longer inserted to cbfs
* grub.cfg in memdisk instead
* grub.cfg in memdisk defers to cbfs/grub.cfg if added
(not added by default, anymore)
* does not defer to grubtest.cfg even if available
* only shows link to grubtest.cfg if available,
as a menuentry item
keymaps:
if /keymap.gkb exists in cbfs, it uses that by default,
but by default this isn't added. instead, it looks for
a file named keymap.cfg and sources that, which then
sets the keymap to one that is located under memdisk.
this file is inserted for each rom, per layout.
if keymap.gkb and keymap.cfg both absent, grub.cfg in
memdisk shall defer to usqwerty as the default keymap
grub_scan_disk: grub.cfg looks for cbfs file "scan.cfg"
and sources that if found, which will be inserted with
the string: set grub_scandisk=setting_goes_here (based
on target.cfg, generated by build/boot/roms automatically).
If no scan.cfg is found, it defaults to "both"
The "background.png" file remains unchanged, and present in
CBFS, used by grub.cfg if present (and it is, by default)
This change actually *saves* space in CBFS, due to compression,
and means that the grub.cfg is now compressed heavily. This
is also safer, because now the user overrides grub.cfg by
adding it, and they can still add grubtest.cfg for testing
first. If they accidentally delete both configs from cbfs,
Libreboot will fall back to the one in memdisk which would
presumably not be deleted.
This also means that lbmk can now more easily be used by
other build systems, that just want the GRUB part to re-use
in their own project. For example, people who want to build
custom coreboot images without using Libreboot's build system.
This change also *speeds* up the build process considerably,
on the parts where ROM images are copied. It's less than half
a second now, whereas previously it took about 30-45 seconds
for ROM images to copy, because of grub.elf being re-added in
each ROM via cbfstool, where compression is used; I believe
the compression part is what caused slowness.
Much, much faster, more versatile builds.
Signed-off-by: Leah Rowe <leah@libreboot.org>
this was an oversight, in a previous commit.
there was a space, between variable name and
the equals sign, and then another space, so it
was trying to *execute* the rom
Signed-off-by: Leah Rowe <leah@libreboot.org>
lbmk's new style is inspired by the bsd coding styles:
top-down logic, main simplified to a skeleton showing
overall program structure, variables well-defined,
rigorous (yet deceptively simple) error checking.
this was attempted before, but caused problems; coreboot
wasn't being cleaned properly, and rather than audit it,
i simply reverted this back to the old style.
this is actually attempt number 5, because i made 3 more
attempts between then and this one. i've build-tested this
using "./build boot roms all" (which is what b0rked on
the first attempt, months ago). it should be stable(tm).
the code is much nicer to read / work on now. this is the
beating heart of lbmk. get this script wrong, and you break
all of libreboot.
Signed-off-by: Leah Rowe <leah@libreboot.org>
With this change, about 54KB of compressed space is saved
inside of CBFS, on setups that use the GRUB payload.
The uncompressed saving is about 720KB, but payloads are
compressed inside each coreboot image, so the compressed
saving is much smaller. That 54KB saving means a lot,
especially on small (1MB or smaller) flash sizes.
The following modules were removed:
adler32, afsplitter, aout, archelp, backtrace, blocklist,
bswap_test, cat, cmdline_cat_test, cmosdump, cmostest, cmp,
cmp_test, cpuid, cs5536, ctz_test, date, datehook, datetime,
disk, diskfilter, div, div_test, dm_nv, efiemu, eval,
exfctest, extcmd, file, fshelp, functional_test, gdb,
gettext, gptsync, hashsum, hdparm, hello, hfspluscomp, http,
json, json, ldm, loadenv, macbless, macho, mda_text, morse,
mpi, msdospart, mul_test, net, ntfscomp, offsetio,
part_acorn, part_amiga, part_apple, part_dvh, part_plan,
part_sun, part_sunpc, parttool, pbkdf2, pbkdf2_test, pci,
play, priority_queue, probe, progress, random, rdmsr, read,
relocator, setjmp, setjmp_test, shift_test, signature_test,
sleep, sleep_test, smbios, strtoull_test, terminal,
terminfo, test_blockarg, testload, testspeed, tftp, tga,
time, tr, trig, usbtest, video_bochs, video_cirrus,
videoinfo, videotest, videotest_checksum, wrmsr, xnu_uuid,
xnu_uuid_test
These were retained, but moved to modules instead of
install modules:
geli, udf, ufs1, ufs1_be, ufs2
Signed-off-by: Leah Rowe <leah@libreboot.org>