ExternalVendorCode/heads
1
0
Fork 0
mirror of https://github.com/linuxboot/heads.git synced 2024-12-18 20:47:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
master
heads/blobs/xx30/download_clean_me_manually.sh
Manuel Mendez d396236a83
Remove hard coded paths in shebang lines 
Remove hard coded paths from shebangs and other references because they
do not play well in nix-land. Either use /usr/bin/env to do runtime PATH
based lookup or avoid absolute paths so PATH look up happens instead.

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
Signed-off-by: Manuel Mendez <github@i.m.mmlb.dev>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-05-02 13:00:22 -04:00

70 lines
2.5 KiB
Bash
Executable File
Raw Permalink Blame History

#!/usr/bin/env bash
function printusage {
echo "Usage: $0 -m <me_cleaner>(optional)"
}
BLOBDIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
FINAL_ME_BIN_SHA256SUM="c140d04d792bed555e616065d48bdc327bb78f0213ccc54c0ae95f12b28896a4 $BLOBDIR/me.bin"
ME_EXE_SHA256SUM="f60e1990e2da2b7efa58a645502d22d50afd97b53a092781beee9b0322b61153 g1rg24ww.exe"
ME8_5M_PRODUCTION_SHA256SUM="821c6fa16e62e15bc902ce2e958ffb61f63349a471685bed0dc78ce721a01bfa app/ME8_5M_Production.bin"
if [ "$#" -eq 0 ]; then printusage; fi
while getopts ":m:" opt; do
case $opt in
m)
if [ -x "$OPTARG" ]; then
MECLEAN="$OPTARG"
fi
;;
*)
;;
esac
done
if [ -e "$BLOBDIR/me.bin" ]; then
echo "$BLOBDIR/me.bin found..."
if ! echo "$FINAL_ME_BIN_SHA256SUM" | sha256sum --check; then
echo "$BLOBDIR/me.bin doesn't pass integrity validation. Continuing..."
rm -f "$BLOBDIR/me.bin"
else
echo "$BLOBDIR/me.bin already extracted and neutered outside of ROMP and BUP"
exit 0
fi
fi
if [ -z "$MECLEAN" ]; then
MECLEAN=$(command -v "$BLOBDIR/../../build/x86/coreboot-"*/util/me_cleaner/me_cleaner.py 2>&1 | head -n1)
if [ -z "$MECLEAN" ]; then
echo "me_cleaner.py required but not found or specified with -m. Aborting."
exit 1
fi
fi
echo "### Creating temp dir"
extractdir=$(mktemp -d)
cd "$extractdir" || exit
echo "### Downloading https://download.lenovo.com/pccbbs/mobiles/g1rg24ww.exe..."
wget https://download.lenovo.com/pccbbs/mobiles/g1rg24ww.exe || { echo "ERROR: wget not found" && exit 1; }
echo "### Verifying expected hash of g1rg24ww.exe"
echo "$ME_EXE_SHA256SUM" | sha256sum --check || { echo "Failed sha256sum verification on downloaded binary..." && exit 1; }
echo "### Extracting g1rg24ww.exe..."
innoextract ./g1rg24ww.exe || { echo "Failed calling innoextract. Tool installed on host?" && exit 1; }
echo "### Verifying expected hash of app/ME8_5M_Production.bin"
echo "$ME8_5M_PRODUCTION_SHA256SUM" | sha256sum --check || { echo "Failed sha256sum verification on extracted binary..." && exit 1; }
bioscopy="some_value" # Assign a value to the bioscopy variable
echo "### Applying me_cleaner to neuter+deactivate+maximize reduction of ME on $bioscopy, outputting minimized ME under $BLOBDIR/me.bin... "
"$MECLEAN" -r -t -O "$BLOBDIR/me.bin" app/ME8_5M_Production.bin
echo "### Verifying expected hash of me.bin"
echo "$FINAL_ME_BIN_SHA256SUM" | sha256sum --check || { echo "Failed sha256sum verification on final binary..." && exit 1; }
echo "### Cleaning up..."
cd - >/dev/null
rm -r "$extractdir"
Reference in New Issue View Git Blame Copy Permalink