Commit Graph

884 Commits (f45f5e625daa119ec5c830290164a1a469054da7)

Author SHA1 Message Date
Leah Rowe f45f5e625d update/project/*: remove redundant checks
these scripts used to be in the main directory of
lbmk, and thus needed to check for root user, and
also git credentials. now they are called by the main
lbmk script, which also runs the same checks.

avoid waste of resources by not running the same
check twice.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-09 22:30:22 +01:00
Leah Rowe 3e76e70d83 blobs/download: don't use the -B option in make
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-09 22:14:02 +01:00
Leah Rowe 877c691ef5 build/release/roms: remove errant line break
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-09 22:11:28 +01:00
Leah Rowe f03efbc27f blobs/inject: add error condition on rm command
this was overlooked, earlier on in lbmk audit 2

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-09 20:15:50 +01:00
Leah Rowe 20be007f5b blobs/inject: fix checksum validation if no-ucode
on e6400_4mb, the release build scripts remove nvidia's vga
rom which is used on dgpu models. however, microcode is also
removed in separately copied rom images

the inject script was inserting vgaroms directly into these
no-microcode roms, but the microcode blob is bigger than the
vga rom, and cbfstool inserts into the first available free
spot within cbfs, so it was inserting into the spot where
cpu microcode went. this caused the rom checksum to not match
what was generated during build/release/roms being executed

the only real fix is to guarantee offsets within cbfs for all
files, by recording what offsets were used and then calculating
that during insertion

so this patch is a workaround, but fixes the issue. the workaround
is: don't insert blobs directly on no-microcode roms, instead
insert only on microcode-based roms, then re-copy those roms
and remove microcode in aptly named copies

it's a bit more convoluted, but works perfectly fine.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-09 20:11:11 +01:00
Leah Rowe f989d5b434 blobs/sources: fix backup links on some files
some files did not have backup links defined (the ones
defined were the same as main links)

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-09 18:40:40 +01:00
Leah Rowe 878550d519 use sha512sum to check downloads, not sha1sum
sha-1 has known collision issues, which may not be readily
exploitable yet (in our context), but we should ideally use
a more secure method for checking file integrity.

therefore, use sha-2 (sha512sum) for checking files. this is
slower than sha-1, but checksum verification is only a minor
part of what lbmk does, so the overall effect on build times
is quite negligible.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-09 16:39:26 +01:00
Leah Rowe 022e0200df Merge pull request 'Add stm32-vserprog' (#129) from Riku_V/lbmk:stm32 into master
Reviewed-on: https://codeberg.org/libreboot/lbmk/pulls/129
2023-09-09 14:13:05 +00:00
Riku Viitanen bed444ff90 Add stm32-vserprog
Tested on a Nucleo-F042K6.

That has an onboard stlink:
`st-flash --format ihex write bin/serprog_stm32/serprog_nucleo-f042k6.hex`

The usb port used for flashing is separate, its is exposed on
the pin header instead. Check boards/nucleo-f042k6.h for usb pinout.

Signed-off-by: Riku Viitanen <riku.viitanen@protonmail.com>
2023-09-09 16:55:06 +03:00
Leah Rowe e9e4ada55f build/boot/rom: only insert scan.cfg if needed
where it is set to "both" (grub_scan_disk), inserting
scan.cfg is superfluous, because grub.cfg defaults to
both anyway, unless otherwise specified by scan.cfg,
and only if that file exists within cbfs.

thus, save a bit of build time (only a slight saving)

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-09 00:10:23 +01:00
Leah Rowe 0e3f3efcaa build/boot/roms: delete tmpcfg when done
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-09 00:02:00 +01:00
Leah Rowe a69e8548b3 set grub.cfg timeout to 5s (10 on some boards)
target.cfg can now specify e.g.

grub_timeout=20

this would then be inserted as timeout.cfg in cbfs,
containing the instruction:
set timeout=20

HP laptops need a bit of extra time, due to the delay
caused by the EC bug workaround deployed in GRUB

desktops in general need extra time. this too is set to
10s, like the HP laptops.

only insert timeout.cfg if actually needed (declared in
target.cfg), otherwise grub.cfg will default to 5s

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-09 00:01:22 +01:00
Leah Rowe 4a459b0217 Merge pull request 'pico-serprog improvements' (#128) from Riku_V/lbmk:master into master
Reviewed-on: https://codeberg.org/libreboot/lbmk/pulls/128
2023-09-08 21:02:04 +00:00
Riku Viitanen 7b6fb95897 Build pico-serprog binary release archive
Signed-off-by: Riku Viitanen <riku.viitanen@protonmail.com>
2023-09-08 20:43:53 +03:00
Riku Viitanen c292e01b00 Build for all pico board, not just the "original"
Signed-off-by: Riku Viitanen <riku.viitanen@protonmail.com>
2023-09-08 20:43:53 +03:00
Riku Viitanen 1bde6bb3c4 Support multiple dependencies per project
Signed-off-by: Riku Viitanen <riku.viitanen@protonmail.com>
2023-09-08 20:43:53 +03:00
Riku Viitanen 4d3b16da38 Cleaner parent directory creation
My previous patch b0rked memtest and others because when making sure
their parent directory (the project root) exists, it would instead create
the project directory (memtest86lus). The later move would then put the
git repo inside that (memtest86plus/memtest86plus_123456).

We just need to make sure we don't create the target directory itself.
This way, there's no need to hardcode any project names.

Tested by ./updating rpi-pico-serprog, memtest86plus, grub and seabios.

Signed-off-by: Riku Viitanen <riku.viitanen@protonmail.com>
2023-09-08 00:25:58 +03:00
Leah Rowe 7e8465bec8 grub: re-add module: play
for example, the beep sound in debian's installer needs
this module.

the cute ding in the arch/artix menu also needs it

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-06 09:39:44 +01:00
Leah Rowe e3b9dfc959 util/nvmutil: put code all in nvmutil.c
it doesn't really make sense to have nvmutil.h
since this is only a very small program and not
intended for use as a library

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-05 15:24:21 +01:00
Leah Rowe 8fc5f6ed53 update/blobs/inject: use tmp/romdir, not TMPDIR
we are copying large numbers of ROM images, and the
host system may have /tmp under a tmpfs; that same
host system may or may not have a lot of memory.

respect the user's machine.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-05 01:49:35 +01:00
Leah Rowe da991262a3 build/release/roms: use tmp/romdir, not TMPDIR
we must conserve memory usage, in the event that the
user's /tmp is a tmpfs. copying of ROM images into
tmpfs is ill advised; we must copy them, due to how
the release process works (e.g. stripping of blobs,
but this must be done in a way so as to not interfere
with regular builds, thus they are copied instead)

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-05 01:39:36 +01:00
Leah Rowe 15081ed9ef grub: make backgrounds configurable in target.cfg
now under coreboot mainboards, target.cfg can specify
a background. if not specified, the 1280x800 one is
assumed, and used by default. it can be overridden.
the path should be relative to:
config/grub/background/

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-05 00:53:28 +01:00
Leah Rowe 0d315c3a4e curl/wget downloads: set re-try count to 3
explicitly set the count to 3, so that a maximum of 3
attemps are made per download, barring fatal errors such
as http 404.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-04 22:12:02 +01:00
Leah Rowe bdf171e3ec don't use /tmp/ for git clones. use tmp/ instead.
the /tmp/ file system may be a tmpfs, with conservative
memory limits, depending on host system.

it's more likely that the user will have enough disk space
under tmp/ within lbmk (if they don't, they can't use
lbmk anyway). that is to say: more likely that they would
have the disk space, but not the memory.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-04 21:45:29 +01:00
Leah Rowe 196f293a27 build/release/roms: fix ucode handling
microcode_required wasn't being reset per target,
leading to unreliable results. this fixes that.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-04 21:23:18 +01:00
Leah Rowe c0c7f3ae15 build/release/roms: simplify defcongic handling
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-04 21:19:27 +01:00
Leah Rowe a56cad71c0 update/blobs: unify global variables
they all more or less use the same variables, so put
them all under include/blobutil.sh

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-04 18:12:49 +01:00
Leah Rowe 2cbc7eea95 update/blobs/*: unify checking of defconfig files
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-04 16:16:53 +01:00
Leah Rowe 52677309c5 update/blobs/extract: replace errant target code
check based on whether defconfigs are available, which
are used extensively, rather than checking based on
whether target.cfg is available, which is not used

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-04 15:57:48 +01:00
Leah Rowe ea7fae97bd build/boot/roms: don't create empty bin/ directory
also: only return zero status if rom images were succesfully
built, and print a list of each rom image directory based on
what was actually compiled, rather than just saying that the
rom images are stored under bin/

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-04 14:54:36 +01:00
Leah Rowe c62a423909 update/blobs/inject: remove errant target handling
just like the last patch, target.cfg handling is not
required in this script either. remove it.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-04 14:17:09 +01:00
Leah Rowe 950166da7b update/blobs/download: remove errant code
the handling of target.cfg is *not* required, in
this script. other mechanisms are also used for
error checking. this script only uses defconfigs.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-04 13:44:07 +01:00
Leah Rowe 0668d234f0 add checkversion to build/release/src
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-04 12:39:22 +01:00
Leah Rowe c92a596cb9 grub: remove xnu module
this causes a saving of about 131KB uncompressed, when
i tested. we don't need mach kernel support. nobody will
ever use it.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-04 04:22:58 +01:00
Leah Rowe e659ddd849 grub: remove legacy file system modules
this causes a 6.7% decrease in the payload size

these file systems are microsoft(fat, ntfs) or mostly
oldschool amiga and beos file systems

also remove minix modules, and some old linux file
systems that nobody will use in 2023

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-04 04:16:45 +01:00
Leah Rowe cf5357856c re-add grub modules cat, eval and pbkdf2
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-04 03:49:03 +01:00
Leah Rowe 33e6088a16 move script/misc/versioncheck to main directory
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-04 03:28:11 +01:00
Leah Rowe 2c769dc136 move me7_update_parser.py to util/
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-04 03:24:46 +01:00
Leah Rowe da3c9bb3c5 merge config/ and resources/
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-04 02:47:25 +01:00
Leah Rowe a05010503f blobs/download: don't handle ifd/gbe files
they weren't even handled at all, but they were referenced
under coreboot configuration

they don't need to be handled. lbmk simply includes these files.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-04 02:12:05 +01:00
Leah Rowe 03788d14fb move ifd/gbe configs into config/ifd/
it doesn't really make sense for them to be under
blobs/ - nominally, they are blobs, but they are
well-understood data files containing config data,
that is easily parsed by tools like ich9show or
ifdtool (and tools like bincfg or nvmutil)

blobs/ has been re-purposed: this directory no longer
exists in lbmk, but it is created (and on .gitignore)
when needed, by blobutil

thus, the blobs/ directory shall only contain vendor
files, and only those files that libreboot scrubs from
releases. therefore, build/release/src can (and has
been) simplified; it currently copies just the ifd and
gbe files from blobs/, selectively, and this logic is
quite error prone, requiring maintenance. now, the
build/release/src script simply copies config/ (which
only ever contains distributable files) and entirely
ignores the blobs/ directory

the blob download script already creates the required
directory, except for the sch5545 download; this is
now fixed

lbmk code size is slightly smaller, due to this patch

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-04 01:38:08 +01:00
Leah Rowe 6ddb0e0974 run make oldconfig on coreboot/default mainboards
the resulting changes are what i will push. this prevents
the coreboot build system from asking for user input.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-03 23:20:28 +01:00
Leah Rowe 19efdf9eeb ich9m mainboards: use pre-assembled ifd/gbe files
This cuts down on build time, and it will allow libreboot
to remove large chunks of code.

these ifd/gbe configs are just binary-encoded config files,
in a format well-understood. they can easily be opened up
and displayed, using ich9show or ifdtool, and manipulated
by these tools; bincfg can generate them from scratch, and
nvmutil can change mac addresses, for example.

so, do this and remove from lbmk the following:

* ich9utils (which contains ich9gen) - not needed anymore
* code in lbmk for handling ich9gen and insertions; the
  coreboot build system is now used, for this same purpose,
  so remove such code from lbmk

this results in a massive code size reduction (thousands of
lines) in lbmk; smaller when only looking at the build
system, but much larger when you consider that ich9utils
is also removed (about 3k sloc)

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-03 22:40:33 +01:00
Leah Rowe af8d8cda7d add ich9m ifd/gbe files
a follow-up patch will make use of these, rather than ich9gen,
and ich9gen will be deleted.

these files were in fact generated *by* ich9gen.

coreboot has ifdtool and bincfg, the latter of which can
generate both ifd and gbe files for ich9m. that, and nvmutil
which is part of libreboot, can change gbe mac addresses.

i was going to replace ich9gen with a script that would run
bincfg, ifdtool and nvmutil, to greatly reduce code size,
because ich9gen is about 3k sloc.

however, in practise we would always generate the same ifd
config, and basically only change the mac address if that's
what the user wants; nvmutil can already do that just fine.

so, just include the binaries directly.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-03 19:19:50 +01:00
Leah Rowe d554efae81 build/release/src: copy e6430 ifd/gbe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-03 18:36:25 +01:00
Leah Rowe 09aae7be45 build/rpi-pico-serprog: better error handling
use a subshell for changing directory, and use more
verbose error messages under fault conditions

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-03 17:46:59 +01:00
Leah Rowe 1dc54608a1 fix rpi-pico builds when running it twice
it needed to be make-cleaned

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-03 17:36:42 +01:00
Leah Rowe c63052cf19 fix memtest86plus download/build
the mkdir command in update/project/repo, added for
pico-pi integration, broke a bunch of other downloads.

the fix is a bit of a hack but it should hold for now.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-03 17:28:10 +01:00
Leah Rowe fb4e6834c1 Merge pull request 'Add Dell Latitude E6430' (#124) from nic3-14159/lbmk:e6430 into master
Reviewed-on: https://codeberg.org/libreboot/lbmk/pulls/124
2023-09-03 15:55:42 +00:00
Nicholas Chin ebc04e5212 Add Dell Latitude E6430
This was only tested on the iGPU model, though a dGPU model does exist.
The vendor firmware used a 16KiB gbe.bin, which was modified with a
random MAC address as well as shrinking it to 8KiB. As with the E6400,
GRUB doesn't like the way the EC implements the keyboard controller and
thus GRUB payloads are disabled at this time. Suspend does not currently
work, and this is believed to be due to the EC controlling the DRAM
reset gate which is required to prevent DRAM from being reset on resume.

With some tweaks, the e6400-flash-unlock utility also works on this
system, though both flash chips can be accessed through removal of only
the keyboard.

Signed-off-by: Nicholas Chin <nic.c3.14@gmail.com>
2023-09-03 09:13:03 -06:00