ExternalVendorCode/heads
1
0
Fork 0
mirror of https://github.com/linuxboot/heads.git synced 2024-12-20 05:28:08 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
6385a95368
heads/initrd/bin/flash.sh

110 lines
3.2 KiB
Bash
Raw Normal View History

*-flash.init: Use busybox ash Busybox no longer has CONFIG_BASH since we are deploying bash on most boards. We also should clearly indicate which scripts cannot use bashisms. Change shebang in x230-flash.init, t430-flash.init, flash.sh to /bin/ash. Execute /bin/sh for interactive shells. Move key functions needed by those scripts to initrd/etc/ash_functions. Source ash_functions instead of functions in those scripts, so any bashisms in other functions won't break parsing of the script in ash. Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
2023-03-07 15:10:32 +00:00
#!/bin/ash
Add generic flash script Based on the conversation for PR #406, we decided to go with a more generic script for general-purpose flashing instead of having individual (and therefore very similar) flash scripts for each board type. This script currently handles flashrom on Librem and X230 board types and introduces a new CONFIG_BOARD option that sets specific flashrom arguments based on the board. It also adds support to gui-init to call this flash script.
2018-05-11 19:27:50 +00:00
#
*-flash.init: Use busybox ash Busybox no longer has CONFIG_BASH since we are deploying bash on most boards. We also should clearly indicate which scripts cannot use bashisms. Change shebang in x230-flash.init, t430-flash.init, flash.sh to /bin/ash. Execute /bin/sh for interactive shells. Move key functions needed by those scripts to initrd/etc/ash_functions. Source ash_functions instead of functions in those scripts, so any bashisms in other functions won't break parsing of the script in ash. Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
2023-03-07 15:10:32 +00:00
# NOTE: This script is used on legacy-flash boards and runs with busybox ash,
# not bash
Add generic flash script Based on the conversation for PR #406, we decided to go with a more generic script for general-purpose flashing instead of having individual (and therefore very similar) flash scripts for each board type. This script currently handles flashrom on Librem and X230 board types and introduces a new CONFIG_BOARD option that sets specific flashrom arguments based on the board. It also adds support to gui-init to call this flash script.
2018-05-11 19:27:50 +00:00
set -e -o pipefail
*-flash.init: Use busybox ash Busybox no longer has CONFIG_BASH since we are deploying bash on most boards. We also should clearly indicate which scripts cannot use bashisms. Change shebang in x230-flash.init, t430-flash.init, flash.sh to /bin/ash. Execute /bin/sh for interactive shells. Move key functions needed by those scripts to initrd/etc/ash_functions. Source ash_functions instead of functions in those scripts, so any bashisms in other functions won't break parsing of the script in ash. Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
2023-03-07 15:10:32 +00:00
. /etc/ash_functions
Use global /tmp/config that combines multiple config files As part of the config gui we want to be able to have the system define new config options without them being lost if the user makes their own changes in CBFS. To allow that this change creates a function initiated in init that combines all /etc/config* files into /tmp/config. All existing scripts have been changed to source /tmp/config instead of /etc/config. The config-gui.sh script now uses /etc/config.user to hold user configuration options but the combine_configs function will allow that to expand as others want to split configuration out further. As it stands here are the current config files: /etc/config -- Compiled-in configuration options /etc/config.user -- User preferences that override /etc/config /tmp/config -- Running config referenced by the BIOS, combination of existing configs
2018-12-06 23:24:28 +00:00
. /tmp/config
Add generic flash script Based on the conversation for PR #406, we decided to go with a more generic script for general-purpose flashing instead of having individual (and therefore very similar) flash scripts for each board type. This script currently handles flashrom on Librem and X230 board types and introduces a new CONFIG_BOARD option that sets specific flashrom arguments based on the board. It also adds support to gui-init to call this flash script.
2018-05-11 19:27:50 +00:00
modules/flashrom: Update to 1776bb46 Update flashrom - in particular, this includes support for new chipsets like Jasper Lake. CONFIG_INTERAL_X86 was created so CONFIG_INTERNAL could apply to other platforms, enable it for x86. The default build target now requires sphinx, just build flashrom itself. Update flashrom_progress - filter out noise in newer flashrom that chokes the progress bar implementation, make size detection more robust, improve progress bar implementation slightly. Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm> Co-signed by: Thierry Laurion <insurgo@riseup.net.
2023-06-23 16:21:49 +00:00
echo
Add TRACE function tracing function to output on console when enabled - Add TRACE function tracing output under etc/functions, depending on CONFIG_ENABLE_FUNCTION_TRACING_OUTPUT enabled in board configs - Replace current DEBUG to TRACE calls in code, reserving DEBUG calls for more verbose debugging later on (output of variables etc) - add 'export CONFIG_ENABLE_FUNCTION_TRACING_OUTPUT=y' in qemu-coreboot(fb)whiptail-tpm1(-hotp) boards to see it in action
2023-02-20 16:01:17 +00:00
TRACE "Under /bin/flash.sh"
All scripts and functions: Add DEBUG calling trace on console when CONFIG_DEBUG_OUTPUT is exported in board config -qemu-coreboot-*whiptail-tpm1(-hotp) boards have 'export CONFIG_DEBUG_OUTPUT=y' by default now
2023-02-18 17:58:43 +00:00
flash.sh: FLASHROM_OPTIONS->FLASH_OPTIONS: require FLASH_OPTIONS to specify flash program in board configs - boards: switch flashrom->flashprog, FLASH_OPTIONS: flashprog memory --progress --programmer internal TODO: check, Might break: - xx20 : x220/t420/t520: used hwseq: verify compat - legacy : not sure --ifd bios are support: verify compat (and drop, future PR drop legacy boards anyway...) - talos: linux_mtd is used: verify compat Tested: - x230 works with awesome progress bar on read, erase and write. Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-09-01 19:02:42 +00:00
case "$CONFIG_FLASH_OPTIONS" in
"" )
flash.sh: remove last references in code to flashrom, use more generic FLASH_OPTIONS instead, might cchange in the future. Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-09-11 01:12:56 +00:00
die "ERROR: No flash options have been configured!\n\nEach board requires specific CONFIG_FLASH_OPTIONS options configured. It's unsafe to flash without them.\n\nAborting."
Split flash GUI into separate script To keep the flash logic simpler the GUI logic has been split into a flash-gui.sh program so flash.sh behaves closer to the original flashrom scripts it was based from. I've also removed the previous flashrom scripts and incorporated their options into flash.sh. Finally I set CONFIG_BOARD via the Makefile instead of setting a duplicate option in each board's config.
2018-05-11 21:08:31 +00:00
;;
Add generic flash script Based on the conversation for PR #406, we decided to go with a more generic script for general-purpose flashing instead of having individual (and therefore very similar) flash scripts for each board type. This script currently handles flashrom on Librem and X230 board types and introduces a new CONFIG_BOARD option that sets specific flashrom arguments based on the board. It also adds support to gui-init to call this flash script.
2018-05-11 19:27:50 +00:00
* )
flash.sh: FLASHROM_OPTIONS->FLASH_OPTIONS: require FLASH_OPTIONS to specify flash program in board configs - boards: switch flashrom->flashprog, FLASH_OPTIONS: flashprog memory --progress --programmer internal TODO: check, Might break: - xx20 : x220/t420/t520: used hwseq: verify compat - legacy : not sure --ifd bios are support: verify compat (and drop, future PR drop legacy boards anyway...) - talos: linux_mtd is used: verify compat Tested: - x230 works with awesome progress bar on read, erase and write. Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-09-01 19:02:42 +00:00
DEBUG "Flash options detected: $CONFIG_FLASH_OPTIONS"
echo "Board $CONFIG_BOARD detected with flash options configured. Continuing..."
Add generic flash script Based on the conversation for PR #406, we decided to go with a more generic script for general-purpose flashing instead of having individual (and therefore very similar) flash scripts for each board type. This script currently handles flashrom on Librem and X230 board types and introduces a new CONFIG_BOARD option that sets specific flashrom arguments based on the board. It also adds support to gui-init to call this flash script.
2018-05-11 19:27:50 +00:00
;;
esac
flash_rom() {
ROM=$1
Add read mode to flash.sh If we want to modify a running BIOS we will need the ability to pull down the current BIOS, modify it, and then reflash. This change adds a read option to flash.sh and pulls down three versions of the BIOS and only exists successfully if all three match.
2018-05-15 23:24:24 +00:00
if [ "$READ" -eq 1 ]; then
flash.sh: FLASHROM_OPTIONS->FLASH_OPTIONS: require FLASH_OPTIONS to specify flash program in board configs - boards: switch flashrom->flashprog, FLASH_OPTIONS: flashprog memory --progress --programmer internal TODO: check, Might break: - xx20 : x220/t420/t520: used hwseq: verify compat - legacy : not sure --ifd bios are support: verify compat (and drop, future PR drop legacy boards anyway...) - talos: linux_mtd is used: verify compat Tested: - x230 works with awesome progress bar on read, erase and write. Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-09-01 19:02:42 +00:00
$CONFIG_FLASH_OPTIONS -r "${ROM}" \
flash.sh: replace die calls by recovery calls where relevant otherwise returning to caller without being useful Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-09-01 22:44:52 +00:00
|| recovery "Backup to $ROM failed"
Add read mode to flash.sh If we want to modify a running BIOS we will need the ability to pull down the current BIOS, modify it, and then reflash. This change adds a read option to flash.sh and pulls down three versions of the BIOS and only exists successfully if all three match.
2018-05-15 23:24:24 +00:00
else
cp "$ROM" /tmp/${CONFIG_BOARD}.rom
sha256sum /tmp/${CONFIG_BOARD}.rom
if [ "$CLEAN" -eq 0 ]; then
preserve_rom /tmp/${CONFIG_BOARD}.rom \
flash.sh: replace die calls by recovery calls where relevant otherwise returning to caller without being useful Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-09-01 22:44:52 +00:00
|| recovery "$ROM: Config preservation failed"
Add read mode to flash.sh If we want to modify a running BIOS we will need the ability to pull down the current BIOS, modify it, and then reflash. This change adds a read option to flash.sh and pulls down three versions of the BIOS and only exists successfully if all three match.
2018-05-15 23:24:24 +00:00
fi
flash.sh: persist serial in cbfs Librem devices store their serial number as a text file in cbfs; persist this across flashes. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-08-01 03:53:04 +00:00
# persist serial number from CBFS
Add cbfs wrapper script to handle PNOR Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2022-10-09 21:24:16 +00:00
if cbfs.sh -r serial_number > /tmp/serial 2>/dev/null; then
flash.sh: persist serial in cbfs Librem devices store their serial number as a text file in cbfs; persist this across flashes. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-08-01 03:53:04 +00:00
echo "Persisting system serial"
Add cbfs wrapper script to handle PNOR Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2022-10-09 21:24:16 +00:00
cbfs.sh -o /tmp/${CONFIG_BOARD}.rom -d serial_number 2>/dev/null || true
cbfs.sh -o /tmp/${CONFIG_BOARD}.rom -a serial_number -f /tmp/serial
flash.sh: persist serial in cbfs Librem devices store their serial number as a text file in cbfs; persist this across flashes. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-08-01 03:53:04 +00:00
fi
Add new board: Purism Librem Server L1UM (#858) * modules/coreboot: add option to use coreboot 4.11 Port patches from coreboot 4.8.1 to 4.11: * 0000-measure-boot -> 0001 * 0010-cross-compiler-support All other patches for coreboot 4.8.1 have either already been integrated, or are for platforms which do not need to be migrated to coreboot 4.11 (they will move to 4.12 or newer). Signed-off-by: Matt DeVillier <matt.devillier@puri.sm> * patches/coreboot-4.11: Add Broadwell-DE platform patch Add a patch for FSP Broadwell-DE to make use of Heads' measured boot. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm> * patches/coreboot-4.11: Add patch to read serial # from CBFS Will be used by multiple Librem boards. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm> * patches/coreboot-4.11: add board support for Librem Server L1UM Signed-off-by: Matt DeVillier <matt.devillier@puri.sm> * Librem Server L1UM: add new board Add board config, coreboot config, kernel config files. Add conditional purism-blobs dependency to coreboot-4.11 module. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm> * flash.sh: add special handling for librem_l1um board Add support for persisting PCIe config via PCHSTRP9 in flash descriptor. This is needed to support multiple variants of the L1UM server which use the same firmware but differ in PCIe lane configuration via the PCH straps configuration in the flash descriptor. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm> * patches/coreboot-4.11: Add 'Use PRIxPTR to print uintptr_t' patch Cherry-picked from upstream coreboot (post-4.11), fixes compilation issue. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm> * CircleCI: add target to build board librem_l1um Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2020-10-18 18:48:25 +00:00
# persist PCHSTRP9 from flash descriptor
if [ "$CONFIG_BOARD" = "librem_l1um" ]; then
echo "Persisting PCHSTRP9"
flash.sh: FLASHROM_OPTIONS->FLASH_OPTIONS: require FLASH_OPTIONS to specify flash program in board configs - boards: switch flashrom->flashprog, FLASH_OPTIONS: flashprog memory --progress --programmer internal TODO: check, Might break: - xx20 : x220/t420/t520: used hwseq: verify compat - legacy : not sure --ifd bios are support: verify compat (and drop, future PR drop legacy boards anyway...) - talos: linux_mtd is used: verify compat Tested: - x230 works with awesome progress bar on read, erase and write. Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-09-01 19:02:42 +00:00
$CONFIG_FLASH_OPTIONS -r /tmp/ifd.bin --ifd -i fd >/dev/null 2>&1 \
Add new board: Purism Librem Server L1UM (#858) * modules/coreboot: add option to use coreboot 4.11 Port patches from coreboot 4.8.1 to 4.11: * 0000-measure-boot -> 0001 * 0010-cross-compiler-support All other patches for coreboot 4.8.1 have either already been integrated, or are for platforms which do not need to be migrated to coreboot 4.11 (they will move to 4.12 or newer). Signed-off-by: Matt DeVillier <matt.devillier@puri.sm> * patches/coreboot-4.11: Add Broadwell-DE platform patch Add a patch for FSP Broadwell-DE to make use of Heads' measured boot. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm> * patches/coreboot-4.11: Add patch to read serial # from CBFS Will be used by multiple Librem boards. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm> * patches/coreboot-4.11: add board support for Librem Server L1UM Signed-off-by: Matt DeVillier <matt.devillier@puri.sm> * Librem Server L1UM: add new board Add board config, coreboot config, kernel config files. Add conditional purism-blobs dependency to coreboot-4.11 module. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm> * flash.sh: add special handling for librem_l1um board Add support for persisting PCIe config via PCHSTRP9 in flash descriptor. This is needed to support multiple variants of the L1UM server which use the same firmware but differ in PCIe lane configuration via the PCH straps configuration in the flash descriptor. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm> * patches/coreboot-4.11: Add 'Use PRIxPTR to print uintptr_t' patch Cherry-picked from upstream coreboot (post-4.11), fixes compilation issue. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm> * CircleCI: add target to build board librem_l1um Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2020-10-18 18:48:25 +00:00
|| die "Failed to read flash descriptor"
dd if=/tmp/ifd.bin bs=1 count=4 skip=292 of=/tmp/pchstrp9.bin >/dev/null 2>&1
dd if=/tmp/pchstrp9.bin bs=1 count=4 seek=292 of=/tmp/${CONFIG_BOARD}.rom conv=notrunc >/dev/null 2>&1
fi
Add generic flash script Based on the conversation for PR #406, we decided to go with a more generic script for general-purpose flashing instead of having individual (and therefore very similar) flash scripts for each board type. This script currently handles flashrom on Librem and X230 board types and introduces a new CONFIG_BOARD option that sets specific flashrom arguments based on the board. It also adds support to gui-init to call this flash script.
2018-05-11 19:27:50 +00:00
Improve TPM Extend infor in normal and DEBUG mode cbfs-init: remove temp files, measure direct cbfs output, extend PCR with proper introspection tracing flash.sh: do not die but go to recovery if flashrom fails, cosmetic fix for warning given to user kexec-insert-key: extend PCR with proper introspection tracing kexec-select-boot: extend PCR with proper introspection tracing kexec-measure-luks: extend PCR with proper introspection tracing tpmr: Add missing TRACE_FUNC, fix comments, extend give hash that was extended to tpm call in DEBUG, fix TPM startsession unsuppressed output still present ash_functions: extend PCR with proper introspection tracing insmod: DEBUG info more pertinent, extend PCR with proper introspection tracing Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-08-24 16:49:10 +00:00
warn "Do not power off computer. Updating firmware, this will take a few minutes"
flash.sh: FLASHROM_OPTIONS->FLASH_OPTIONS: require FLASH_OPTIONS to specify flash program in board configs - boards: switch flashrom->flashprog, FLASH_OPTIONS: flashprog memory --progress --programmer internal TODO: check, Might break: - xx20 : x220/t420/t520: used hwseq: verify compat - legacy : not sure --ifd bios are support: verify compat (and drop, future PR drop legacy boards anyway...) - talos: linux_mtd is used: verify compat Tested: - x230 works with awesome progress bar on read, erase and write. Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-09-01 19:02:42 +00:00
$CONFIG_FLASH_OPTIONS -w /tmp/${CONFIG_BOARD}.rom 2>&1 \
Improve TPM Extend infor in normal and DEBUG mode cbfs-init: remove temp files, measure direct cbfs output, extend PCR with proper introspection tracing flash.sh: do not die but go to recovery if flashrom fails, cosmetic fix for warning given to user kexec-insert-key: extend PCR with proper introspection tracing kexec-select-boot: extend PCR with proper introspection tracing kexec-measure-luks: extend PCR with proper introspection tracing tpmr: Add missing TRACE_FUNC, fix comments, extend give hash that was extended to tpm call in DEBUG, fix TPM startsession unsuppressed output still present ash_functions: extend PCR with proper introspection tracing insmod: DEBUG info more pertinent, extend PCR with proper introspection tracing Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-08-24 16:49:10 +00:00
|| recovery "$ROM: Flash failed"
Add read mode to flash.sh If we want to modify a running BIOS we will need the ability to pull down the current BIOS, modify it, and then reflash. This change adds a read option to flash.sh and pulls down three versions of the BIOS and only exists successfully if all three match.
2018-05-15 23:24:24 +00:00
fi
Add generic flash script Based on the conversation for PR #406, we decided to go with a more generic script for general-purpose flashing instead of having individual (and therefore very similar) flash scripts for each board type. This script currently handles flashrom on Librem and X230 board types and introduces a new CONFIG_BOARD option that sets specific flashrom arguments based on the board. It also adds support to gui-init to call this flash script.
2018-05-11 19:27:50 +00:00
}
Add read mode to flash.sh If we want to modify a running BIOS we will need the ability to pull down the current BIOS, modify it, and then reflash. This change adds a read option to flash.sh and pulls down three versions of the BIOS and only exists successfully if all three match.
2018-05-15 23:24:24 +00:00
if [ "$1" == "-c" ]; then
Split flash GUI into separate script To keep the flash logic simpler the GUI logic has been split into a flash-gui.sh program so flash.sh behaves closer to the original flashrom scripts it was based from. I've also removed the previous flashrom scripts and incorporated their options into flash.sh. Finally I set CONFIG_BOARD via the Makefile instead of setting a duplicate option in each board's config.
2018-05-11 21:08:31 +00:00
CLEAN=1
Add read mode to flash.sh If we want to modify a running BIOS we will need the ability to pull down the current BIOS, modify it, and then reflash. This change adds a read option to flash.sh and pulls down three versions of the BIOS and only exists successfully if all three match.
2018-05-15 23:24:24 +00:00
READ=0
ROM="$2"
elif [ "$1" == "-r" ]; then
CLEAN=0
READ=1
Split flash GUI into separate script To keep the flash logic simpler the GUI logic has been split into a flash-gui.sh program so flash.sh behaves closer to the original flashrom scripts it was based from. I've also removed the previous flashrom scripts and incorporated their options into flash.sh. Finally I set CONFIG_BOARD via the Makefile instead of setting a duplicate option in each board's config.
2018-05-11 21:08:31 +00:00
ROM="$2"
Add read mode to flash.sh If we want to modify a running BIOS we will need the ability to pull down the current BIOS, modify it, and then reflash. This change adds a read option to flash.sh and pulls down three versions of the BIOS and only exists successfully if all three match.
2018-05-15 23:24:24 +00:00
touch $ROM
Add generic flash script Based on the conversation for PR #406, we decided to go with a more generic script for general-purpose flashing instead of having individual (and therefore very similar) flash scripts for each board type. This script currently handles flashrom on Librem and X230 board types and introduces a new CONFIG_BOARD option that sets specific flashrom arguments based on the board. It also adds support to gui-init to call this flash script.
2018-05-11 19:27:50 +00:00
else
Split flash GUI into separate script To keep the flash logic simpler the GUI logic has been split into a flash-gui.sh program so flash.sh behaves closer to the original flashrom scripts it was based from. I've also removed the previous flashrom scripts and incorporated their options into flash.sh. Finally I set CONFIG_BOARD via the Makefile instead of setting a duplicate option in each board's config.
2018-05-11 21:08:31 +00:00
CLEAN=0
Add read mode to flash.sh If we want to modify a running BIOS we will need the ability to pull down the current BIOS, modify it, and then reflash. This change adds a read option to flash.sh and pulls down three versions of the BIOS and only exists successfully if all three match.
2018-05-15 23:24:24 +00:00
READ=0
Split flash GUI into separate script To keep the flash logic simpler the GUI logic has been split into a flash-gui.sh program so flash.sh behaves closer to the original flashrom scripts it was based from. I've also removed the previous flashrom scripts and incorporated their options into flash.sh. Finally I set CONFIG_BOARD via the Makefile instead of setting a duplicate option in each board's config.
2018-05-11 21:08:31 +00:00
ROM="$1"
fi
if [ ! -e "$ROM" ]; then
flash-gui.sh: accept tgz package for Talos boards Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2022-11-05 22:13:05 +00:00
die "Usage: $0 [-c|-r] <path/to/image.(rom|tgz)>"
fi
if [ "$READ" -eq 0 ] && [ "${ROM##*.}" = tgz ]; then
if [ "${CONFIG_BOARD%_*}" = talos-2 ]; then
rm -rf /tmp/verified_rom
mkdir /tmp/verified_rom
talos II: die when tgz archive is corrupt
2022-11-14 23:05:32 +00:00
tar -C /tmp/verified_rom -xf $ROM || die "Rom archive $ROM could not be extracted"
Talos-2 fixes to comply with hashing file standard. Bypass flash-gui.sh prompt when talos-2 ato validate hashes against hashes provided under tgz through flash.sh validation (still offer zip and tgz, which tgz might change to zip later but only tgz offered through builds) Attempt to address https://github.com/linuxboot/heads/pull/1526#issuecomment-1811185197 Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2023-11-15 15:00:37 +00:00
if ! (cd /tmp/verified_rom/ && sha256sum -cs sha256sum.txt); then
flash-gui.sh: accept tgz package for Talos boards Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2022-11-05 22:13:05 +00:00
die "Provided tgz image did not pass hash verification"
fi
echo "Reading current flash and building an update image"
flash.sh: FLASHROM_OPTIONS->FLASH_OPTIONS: require FLASH_OPTIONS to specify flash program in board configs - boards: switch flashrom->flashprog, FLASH_OPTIONS: flashprog memory --progress --programmer internal TODO: check, Might break: - xx20 : x220/t420/t520: used hwseq: verify compat - legacy : not sure --ifd bios are support: verify compat (and drop, future PR drop legacy boards anyway...) - talos: linux_mtd is used: verify compat Tested: - x230 works with awesome progress bar on read, erase and write. Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-09-01 19:02:42 +00:00
$CONFIG_FLASH_OPTIONS -r /tmp/flash.sh.bak \
flash.sh: replace die calls by recovery calls where relevant otherwise returning to caller without being useful Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-09-01 22:44:52 +00:00
|| recovery "Read of flash has failed"
flash-gui.sh: accept tgz package for Talos boards Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2022-11-05 22:13:05 +00:00
# ROM and bootblock already have ECC
bootblock=$(echo /tmp/verified_rom/*.bootblock)
rom=$(echo /tmp/verified_rom/*.rom)
kernel=$(echo /tmp/verified_rom/*-zImage.bundled)
pnor /tmp/flash.sh.bak -aw HBB < $bootblock
pnor /tmp/flash.sh.bak -aw HBI < $rom
pnor /tmp/flash.sh.bak -aw BOOTKERNEL < $kernel
rm -rf /tmp/verified_rom
ROM=/tmp/flash.sh.bak
else
die "$CONFIG_BOARD doesn't support tgz image format"
fi
Add generic flash script Based on the conversation for PR #406, we decided to go with a more generic script for general-purpose flashing instead of having individual (and therefore very similar) flash scripts for each board type. This script currently handles flashrom on Librem and X230 board types and introduces a new CONFIG_BOARD option that sets specific flashrom arguments based on the board. It also adds support to gui-init to call this flash script.
2018-05-11 19:27:50 +00:00
fi
Split flash GUI into separate script To keep the flash logic simpler the GUI logic has been split into a flash-gui.sh program so flash.sh behaves closer to the original flashrom scripts it was based from. I've also removed the previous flashrom scripts and incorporated their options into flash.sh. Finally I set CONFIG_BOARD via the Makefile instead of setting a duplicate option in each board's config.
2018-05-11 21:08:31 +00:00
flash_rom $ROM
flash-gui.sh: accept tgz package for Talos boards Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2022-11-05 22:13:05 +00:00
# don't leave temporary files lying around
rm -f /tmp/flash.sh.bak
Add generic flash script Based on the conversation for PR #406, we decided to go with a more generic script for general-purpose flashing instead of having individual (and therefore very similar) flash scripts for each board type. This script currently handles flashrom on Librem and X230 board types and introduces a new CONFIG_BOARD option that sets specific flashrom arguments based on the board. It also adds support to gui-init to call this flash script.
2018-05-11 19:27:50 +00:00
exit 0
Reference in New Issue Copy Permalink