Update X220 to do generic image instead of qubes.

Also added a script to extract the necessary blobs from a bios
dump image.

blobs/x220/.gitignore

@@ -0,0 +1,3 @@
+gbe.bin
+me.bin
+ifd.bin

blobs/x220/extract.sh

@@ -0,0 +1,64 @@
+#!/bin/bash
+
+function printusage {
+  echo "Usage: $0 -f <romdump> -m <me_cleaner>(optional) -i <ifdtool>(optional)"
+  exit 0
+}
+
+if [ "$#" -eq 0 ]; then printusage; fi
+
+while getopts ":f:m:i:" opt; do
+  case $opt in
+    f)
+      FILE="$OPTARG"
+      ;;
+    m)
+      if [ -x "$OPTARG" ]; then
+        MECLEAN="$OPTARG"
+      fi
+      ;;
+    i)
+      if [ -x "$OPTARG" ]; then
+        IFDTOOL="$OPTARG"
+      fi
+      ;;
+  esac
+done
+
+if [ -z "$MECLEAN" ]; then
+  MECLEAN=`command -v me_cleaner.py 2>&1`
+  if [ -z "$MECLEAN" ]; then
+    echo "me_cleaner.py required but not found or specified with -m. Aborting."
+    exit 1;
+  fi
+fi
+
+if [ -z "$IFDTOOL" ]; then
+  IFDTOOL=`command -v ifdtool 2>&1`
+  if [ -z "$IFDTOOL" ]; then
+    echo "ifdtool required but not found or specified with -m. Aborting."
+    exit 1;
+  fi
+fi
+
+echo "FILE: $FILE"
+echo "ME: $MECLEAN"
+echo "IFD: $IFDTOOL"
+
+bioscopy=$(mktemp)
+extractdir=$(mktemp -d)
+BLOBDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+
+cp "$FILE" $bioscopy
+
+cd "$extractdir"
+$IFDTOOL -x $bioscopy
+cp "$extractdir/flashregion_3_gbe.bin" "$BLOBDIR/gbe.bin"
+$MECLEAN -O "$BLOBDIR/me.bin" -r -t "$extractdir/flashregion_2_intel_me.bin"
+$IFDTOOL -n "$BLOBDIR/layout.txt" $bioscopy
+$IFDTOOL -x $bioscopy.new
+cp "$extractdir/flashregion_0_flashdescriptor.bin" "$BLOBDIR/ifd.bin"
+
+rm "$bioscopy"
+rm "$bioscopy.new"
+rm -r "$extractdir"

blobs/x220/readme.md

@@ -1,7 +1,7 @@
 To build for X220 we need to have the following files in this folder:
 * `me.bin` - ME binary that has been stripped and truncated with me_cleaner
 * `gbe.bin` - Network card blob from the original firmware
-* `ifd.bin` - Flash layout file has been provided, layout.txt is also present for changes
+* `ifd.bin` - Flash layout file has been provided as text
 
 To get the binaries, start with a copy of the original lenovo firmware image.
 If you do not have one already, you can read one out from the laptops SPI flash.
@@ -10,22 +10,19 @@ If you do not have one already, you can read one out from the laptops SPI flash.
 flashrom --programmer internal:laptop=force_I_want_a_brick -r original.bin
 ```
 
-Once you have the image, run `ifdtool` to extract the parts.
+Once you have the image, the provided extraction script will extract the files needed.
 
 ```
-ifdtool -x origin.bin
+./extract.sh -f <romdump>
 ```
 
-Rename `flashregion_3_gbe.bin` to `gbe.bin`
+Use the options '-m' and '-i' to provide me_cleaner and ifdtool if they can not be located
+automatically.
 
-To truncate and neuter the ME blob (this can be done automatically in coreboot 4.6):
-
-```
-me_cleaner -r -t -O me.bin flashregion_2_intel_me.bin"
-```
+The flash layout will be automatically adjusted and the ME image cleaned and truncated.
 
 You can now compile the image with:
 
 ```
-make CONFIG=config/x220-qubes.config
+make CONFIG=config/x220-generic.config
 ```

config/x220-generic.config

@@ -1,4 +1,4 @@
-# Configuration for a x220 running Qubes OS
+# Configuration for a x220 running non-Qubes
 BOARD=x220
 
 CONFIG_CRYPTSETUP=y
@@ -18,8 +18,9 @@ CONFIG_DROPBEAR=y
 CONFIG_LINUX_USB=y
 CONFIG_LINUX_E1000E=y
 
-CONFIG_BOOTSCRIPT=/bin/qubes-init
+CONFIG_BOOTSCRIPT=/bin/generic-init
 
-# Disks encrypted by the TPM LUKS key
-CONFIG_QUBES_BOOT_DEV="/dev/sda1"
-CONFIG_QUBES_VG="qubes_dom0"
+CONFIG_BOOT_REQ_HASH=n
+CONFIG_BOOT_REQ_ROLLBACK=n
+CONFIG_BOOT_DEV="/dev/sda1"
+CONFIG_USB_BOOT_DEV="/dev/sdb1"