fully working shim builder + ui fixes :3

kxtzownsu 2024-03-10 23:34:50 -04:00
parent b1121d1dd3
commit f0734e3312
15 changed files with 198 additions and 274 deletions

BIN
builder/bins/cgpt.x86-64 Executable file

Binary file not shown.

BIN
builder/bins/sfdisk.x86-64 Executable file

Binary file not shown.


@ -2,44 +2,47 @@
SCRIPT_DIR=$(dirname "$0")
VERSION=1
HOST_ARCH=$(lscpu | grep Architecture | awk '{print $2}')
if [ $HOST_ARCH == "x86_64" ]; then
CGPT="$SCRIPT_DIR/bins/cgpt.x86-64"
SFDISK="$SCRIPT_DIR/bins/sfdisk.x86-64"
else
CGPT="$SCRIPT_DIR/bins/cgpt.aarch64"
SFDISK="$SCRIPT_DIR/bins/sfdisk.aarch64"
fi
source $SCRIPT_DIR/functions.sh
echo "KVS Shim Builder v$VERSION"
echo "-=-=-=-=-=-=-=-=-=-"
echo "fdisk, e2fsprogs required. must be ran as root"
echo "gdisk, e2fsprogs required. must be ran as root"
echo "-=-=-=-=-=-=-=-=-=-"
[ "$EUID" -ne 0 ] && error "Please run as root"
[ "$1" == "" ] && error "No shim specified."
STATE_SIZE=$((4 * 1024 * 1024)) # 4 MiB
# Stateful is REALLY small, only about 45K with a full one.
STATE_SIZE=$((1 * 1024 * 1024)) # 1MiB
STATE_MNT="$(mktemp -d)"
ROOT_MNT="$(mktemp -d)"
LOOPDEV="$(losetup -f)"
IMG="$1"
echo "loop: $LOOPDEV"
echo "root mount: $ROOT_MNT"
echo "state mount: $STATE_MNT"
echo "state size: $STATE_SIZE"
echo "shim: $IMG"
echo "-=-=-=-=-=-=-=-=-=-"
echo "Before building, huge credits to the MercuryWorkshop team for their work on wax,"
echo "some of this builder would have been impossible without it, at least with my disk knowledge"
echo "Press ENTER to continue, CTRL+C to quit"
echo "-=-=-=-=-=-=-=-=-=-=-"
echo "Press ENTER to continue building!"
read -r
sfdisk -d "$IMG" > pre-mod.txt
echo "-=-=-=-=-=-=-=-=-=-=-"
#we need this before we re-create stateful
STATE_START=$(cgpt show "$IMG" | grep "STATE" | awk '{print $1}')
shrink_partitions "$IMG"
STATE_START=$("$CGPT" show "$IMG" | grep "STATE" | awk '{print $1}')
suppress shrink_partitions "$IMG"
losetup -P "$LOOPDEV" "$IMG"
enable_rw_mount "$LOOPDEV"p3
enable_rw_mount "${LOOPDEV}p3"
log "Correcting GPT errors.."
fdisk -l "$LOOPDEV"
fdisk "$LOOPDEV" <<EOF
suppress fdisk "$LOOPDEV" <<EOF
w
EOF
@ -49,28 +52,34 @@ safesync
shrink_root
safesync
squash_partitions "$LOOPDEV"
safesync
create_stateful
safesync
inject_stateful
safesync
cleanup
umount_all
safesync
log "pre-truncate"
fdisk -l "$IMG"
sfdisk -d "$IMG" > pre-truncate.txt
squash_partitions "$LOOPDEV"
safesync
log "Checking for anti-skid lock..."
if [ "$2" == "--antiskid" ]; then
echo "Skid lock found!"
echo "Disabling RW mount.."
disable_rw_mount "${LOOPDEV}p3"
else
echo "Skid lock disabled.."
echo "Enabling RW Mount.."
enable_rw_mount "${LOOPDEV}p3"
fi
cleanup
safesync
truncate_image "$IMG"
safesync
log "post-truncate"
fdisk -l "$IMG"
sfdisk -d "$IMG" > post-truncate.txt
log "Done building!"
log "Done building KVS!"
trap - EXIT
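Review bot: The architecture check near the top of the first hunk treats every host that is not `x86_64` as aarch64, and the unquoted `[ $HOST_ARCH == "x86_64" ]` becomes a test syntax error when `lscpu` prints nothing, so the script can carry on as root with `CGPT`/`SFDISK` pointing at a binary that is missing or built for another CPU. Those variables point at prebuilt executables checked into `builder/bins/`, and nothing visible here verifies them before they are run against the image; a checked-in checksum list verified at start-up would let a swapped binary be noticed. I would match the architecture explicitly and stop on anything else, as below. Print order suggests these lines are new in this commit, but the page has lost the +/- column, so confirm against the raw diff.

```shell
HOST_ARCH=$(lscpu | grep Architecture | awk '{print $2}')
case "$HOST_ARCH" in
  x86_64)
    CGPT="$SCRIPT_DIR/bins/cgpt.x86-64"
    SFDISK="$SCRIPT_DIR/bins/sfdisk.x86-64"
    ;;
  aarch64)
    CGPT="$SCRIPT_DIR/bins/cgpt.aarch64"
    SFDISK="$SCRIPT_DIR/bins/sfdisk.aarch64"
    ;;
  *)
    echo "Unsupported host architecture: ${HOST_ARCH:-unknown}" >&2
    exit 1
    ;;
esac
[ -x "$CGPT" ] && [ -x "$SFDISK" ] || { echo "Missing bundled cgpt/sfdisk for $HOST_ARCH" >&2; exit 1; }
# … unchanged: source functions.sh, banner, root and argument checks …
```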

43
builder/functions.sh Normal file → Executable file

@ -23,18 +23,18 @@ safesync(){
}
log() {
printf "%b\n" "${COLOR_GREEN}Info: $*${COLOR_RESET}"
printf "%b\n" "${COLOR_BLUE_B}Info: $*${COLOR_RESET}"
}
cleanup(){
umount "$ROOT_MNT"
suppress umount "$ROOT_MNT"
rm -rf "$ROOT_MNT"
umount "$STATE_MNT"
suppress umount "$STATE_MNT"
rm -rf "$STATE_MNT"
umount -R "$LOOPDEV"*
suppress umount -R "$LOOPDEV"*
losetup -d "$LOOPDEV"
losetup -D #in case of cmd above failing
@ -55,11 +55,11 @@ suppress() {
}
get_sector_size() {
fdisk -l "$1" | grep "Sector size" | awk '{print $4}'
"$SFDISK" -l "$1" | grep "Sector size" | awk '{print $4}'
}
get_final_sector() {
fdisk -l -o end "$1" | grep "^\s*[0-9]" | awk '{print $1}' | sort -nr | head -n 1
"$SFDISK" -l -o end "$1" | grep "^\s*[0-9]" | awk '{print $1}' | sort -nr | head -n 1
}
is_ext2() {
@ -83,7 +83,6 @@ enable_rw_mount() {
if ! is_ext2 "$rootfs" $offset; then
echo "enable_rw_mount called on non-ext2 filesystem: $rootfs $offset" 1>&2
return 1
exit 1
fi
local ro_compat_offset=$((0x464 + 3))
@ -136,7 +135,7 @@ EOF
truncate_image() {
local buffer=35
local sector_size=$(fdisk -l "$1" | grep "Sector size" | awk '{print $4}')
local sector_size=$("$SFDISK" -l "$1" | grep "Sector size" | awk '{print $4}')
local final_sector=$(get_final_sector "$1")
local end_bytes=$(((final_sector + buffer) * sector_size))
@ -156,12 +155,8 @@ create_stateful(){
log "Creating KVS/Stateful Partition"
local final_sector=$(get_final_sector "$LOOPDEV")
local sector_size=$(get_sector_size "$LOOPDEV")
echo $final_sector
echo $sector_size
# special UUID is from grunt shim, dunno if this is different on other shims
cgpt add "$LOOPDEV" -i 1 -b "$STATE_START" -s $((STATE_SIZE / sector_size)) -t "9CC433E4-52DB-1F45-A951-316373C30605"
"$CGPT" add "$LOOPDEV" -i 1 -b $((final_sector + 1)) -s $((STATE_SIZE / sector_size)) -t "9CC433E4-52DB-1F45-A951-316373C30605"
partx -u -n 1 "$LOOPDEV"
suppress mkfs.ext4 -F -L KVS "$LOOPDEV"p1
safesync
@ -189,31 +184,31 @@ shrink_root() {
local block_size=$(tune2fs -l "${LOOPDEV}p3" | grep "Block size" | awk '{print $3}')
local block_count=$(tune2fs -l "${LOOPDEV}p3" | grep "Block count" | awk '{print $3}')
local original_sectors=$(cgpt show -i 3 -s -n -q "$LOOPDEV")
local original_sectors=$("$CGPT" show -i 3 -s -n -q "$LOOPDEV")
local original_bytes=$((original_sectors * sector_size))
local resized_bytes=$((block_count * block_size))
local resized_sectors=$((resized_bytes / sector_size))
echo "Resizing ROOT from $(format_bytes ${original_bytes}) to $(format_bytes ${resized_bytes})"
cgpt add -i 3 -s "$resized_sectors" "$LOOPDEV"
"$CGPT" add -i 3 -s "$resized_sectors" "$LOOPDEV"
partx -u -n 3 "$LOOPDEV"
echo "Done shrinking root."
}
inject_root(){
log "Injecting ROOT-A Partition"
echo "Mounting root.."
enable_rw_mount "$LOOPDEV"p3
mount "$LOOPDEV"p3 "$ROOT_MNT"
suppress enable_rw_mount "$LOOPDEV"p3
suppress mount "$LOOPDEV"p3 "$ROOT_MNT"
echo "Copying files.."
cp -r "$SCRIPT_DIR"/root/* "$ROOT_MNT"
umount "$ROOT_MNT"
suppress cp -r "$SCRIPT_DIR"/root/* "$ROOT_MNT"
echo "$(date +'%m-%d-%Y %I:%M%p %Z')" > "$ROOT_MNT"/DATE_COMPILED
suppress umount "$ROOT_MNT"
}
get_parts_physical_order() {
local part_table=$(cgpt show -q "$1")
local part_table=$("$CGPT" show -q "$1")
local physical_parts=$(awk '{print $1}' <<<"$part_table" | sort -n)
for part in $physical_parts; do
grep "^\s*${part}\s" <<<"$part_table" | awk '{print $3}'
@ -225,6 +220,10 @@ squash_partitions() {
for part in $(get_parts_physical_order "$1"); do
echo "Squashing ${1}p${part}"
suppress sfdisk -N "$part" --move-data "$1" <<<"+,-" || :
suppress "$SFDISK" -N "$part" --move-data "$1" <<<"+,-" || :
done
}
umount_all(){
suppress umount -R "$LOOPDEV"*
}
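Review bot: In `cleanup`, each `umount` is now wrapped in `suppress` and the following `rm -rf "$ROOT_MNT"` / `rm -rf "$STATE_MNT"` runs regardless of the unmount result, so a busy mount point has its contents deleted recursively from the still-mounted image partition with nothing shown on screen. The directories come from `mktemp -d` and should be empty once unmounted, so `rmdir -- "$ROOT_MNT"` and `rmdir -- "$STATE_MNT"` do the same job and refuse to touch a directory that still has a filesystem on it. The same hidden-failure pattern is in `inject_root`, where a suppressed `mount` failure lets `cp` and the `DATE_COMPILED` write land in the empty temp directory instead of the image. `suppress` is defined outside the visible hunks, so how it treats the exit status is an assumption to check; `cleanup` also continues past the end of its hunk.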


@ -1 +0,0 @@
03-09-2024


@ -40,31 +40,42 @@ esac
# detect if booted from usb boot or from recovery boot
if [ "$(crossystem mainfw_type)" == "recovery" ]; then
source /usr/sbin/kvs/tpmutil.sh
source /usr/share/kvs/tpmutil.sh
source /usr/share/kvs/functions.sh
mkdir /mnt/state &2> /dev/zero
mkdir -p /mnt/state &2>1 /dev/null
mount /dev/disk/by-label/KVS /mnt/state
elif [ "$(crossystem mainfw_type)" == "developer" ]; then
panic "non-reco"
stop $tpmdaemon
clear
sleep infinity
. ./functions.sh
. ./tpmutil.sh
source ./functions.sh
source ./tpmutil.sh
elif [ "$(crossystem mainfw_type)" == "developer" ]; then
source /usr/sbin/kvs/tpmutil.sh
source /usr/sbin/kvs/functions.sh
# panic "non-reco"
# sleep infinity
clear
. ../share/kvs/functions.sh
. ../share/kvs/tpmutil.sh
source ../share/kvs/functions.sh
source ../share/kvs/tpmutil.sh
style_text "YOU ARE RUNNING A DEBUG VERSION OF KVS, THIS WAS OPTIMIZED TO RUN ON CHROMEOS ONLY! ALL ACTIONS ARE PURELY VISUAL AND NOT FUNCTIONAL IN THIS MODE!!!"
sleep 5
clear
fi
credits(){
echo "KVS: Kernel Version Switcher"
echo "v$version"
echo "=-=-=-=-=-=-=-=-=-=-=-=-=-=-"
clear
echo "KVS: Kernel Version Switcher v$version"
echo "Current kernver: $kernver"
echo "TPM Version: $tpmver"
echo "TPMD: $tpmdaemon"
echo "-=-=-=-=-=-=-=-=-=-=-"
echo "kxtzownsu - Writing KVS, Providing kernver 0 & kernver 1 files."
echo "??? - Providing kernver 2 files."
echo "TBD - Providing kernver 3 files."
echo "Google - Writing the `tpmc` command :3"
echo "crossystem - Providing kernver 2 files."
echo "miimaker - Providing kernver 3 files."
echo "OlyB - Helping me figure out the shim builder, seriously, thanks."
echo "Google - Writing the 'tpmc' command :3"
echo "-=-=-=-=-=-=-=-=-=-=-"
echo "Press ENTER to return to the main menu"
read -r
}
endkvs(){
@ -74,22 +85,24 @@ endkvs(){
main(){
if [ $() ]
echo "KVS: Kernel Version Switcher v$version"
echo "Current kernver: $kernver"
echo "TPM Version: $tpmver"
echo "TPMD: $tpmdaemon"
echo "=-=-=-=-=-=-=-=-=-=-"
echo "-=-=-=-=-=-=-=-=-=-=-"
echo "1) Set New kernver"
echo "2) Backup kernver (WIP, Kinda Broken)"
echo "3) Credits"
echo "4) Exit"
read -rep "> " sel
echo "2) Backup kernver"
echo "3) Bash Shell"
echo "4) Credits"
echo "5) Exit"
printf '\x1b[?25h'
read -rep "$(printf '\x1b[?25h')> " sel
selection $sel
}
while true; do
clear
main
done
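Review bot: `mkdir -p /mnt/state &2>1 /dev/null` in the recovery branch does not silence anything: the `&` puts `mkdir` in the background, and the rest of the line then tries to execute `/dev/null` as a command with its stderr sent to a file named `1`. The `mount /dev/disk/by-label/KVS /mnt/state` on the next line can therefore run before the directory exists, and its result is not checked even though the project has a `mount-error` panic id. I would write `mkdir -p /mnt/state 2>/dev/null` and `mount /dev/disk/by-label/KVS /mnt/state || panic "mount-error"`. The surrounding `if`/`elif` chain is printed with old and new lines interleaved and no +/- column, so which `source` lines survive should be confirmed against the raw diff.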


@ -1,154 +0,0 @@
#!/bin/bash
style_text() {
printf "\033[31m\033[1m\033[5m$1\033[0m\n"
}
panic(){
case "$1" in
"invalid-kernver")
style_text "KVS PANIC"
printf "\033[31mERR\033[0m"
printf ": Invalid Kernel Version. Please make a GitHub issue at \033[3;34m$GITHUB_URL\033[0m with a picture of this information.\n"
echo "-=-=-=-=-=-=-=-=-=-=-=-=-=-="
echo "tpm_kernver: $(crossystem tpm_kernver)"
echo "fwid: $(dmidecode -s bios-version) (compiled: $(dmidecode -s bios-release-date))"
echo "date: $(date +"%m-%d-%Y %I:%M:%S %p")"
echo "model: $(cat /sys/class/dmi/id/product_name) $(cat /sys/class/dmi/id/product_version)"
echo "Please shutdown your device now using REFRESH+PWR"
sleep infinity
;;
"mount-error")
style_text "KVS PANIC"
printf "\033[31mERR\033[0m"
printf ": Unable to mount stateful. Please make a GitHub issue at \033[3;34m$GITHUB_URL\033[0m with a picture of this information.\n"
echo "-=-=-=-=-=-=-=-=-=-=-=-=-=-="
echo "tpm_kernver: $(crossystem tpm_kernver)"
echo "fwid: $(dmidecode -s bios-version) (compiled: $(dmidecode -s bios-release-date))"
echo "state mounted: $([ -d /mnt/state/ ] && grep -qs '/mnt/state ' /proc/mounts && echo true || echo false)"
echo "date: $(date +"%m-%d-%Y %I:%M:%S %p")"
echo "model: $(cat /sys/class/dmi/id/product_name) $(cat /sys/class/dmi/id/product_version)"
echo "Please shutdown your device now using REFRESH+PWR"
sleep infinity
;;
"non-reco")
style_text "KVS PANIC"
printf "\033[31mERR\033[0m"
printf ": Wrong Boot Method. To fix: boot the shim using the recovery method. (ESC+REFRESH+PWR) and \033[31mNOT\033[0m USB Boot.\n"
echo "-=-=-=-=-=-=-=-=-=-=-=-=-=-="
echo "tpm_kernver: $(crossystem tpm_kernver)"
echo "fwid: $(dmidecode -s bios-version) (compiled: $(dmidecode -s bios-release-date))"
echo "fw mode: $(crossystem mainfw_type)"
echo "date: $(date +"%m-%d-%Y %I:%M:%S %p")"
echo "model: $(cat /sys/class/dmi/id/product_name) $(cat /sys/class/dmi/id/product_version)"
echo "Please shutdown your device now using REFRESH+PWR"
sleep infinity
;;
"tpmd-not-killed")
style_text "KVS PANIC"
printf "\033[31mERR\033[0m"
printf ": $tpmdaemon unable to be killed. Please make a GitHub issue at \033[3;34m$GITHUB_URL\033[0m with a picture of this information.\n"
echo "-=-=-=-=-=-=-=-=-=-=-=-=-=-="
echo "tpm_kernver: $(crossystem tpm_kernver)"
echo "fwid: $(dmidecode -s bios-version) (compiled: $(dmidecode -s bios-release-date))"
echo "tpmd ($tpmdaemon) running: $(status $tpmdaemon | grep stopped && echo true || echo false)"
echo "date: $(date +"%m-%d-%Y %I:%M:%S %p")"
echo "model: $(cat /sys/class/dmi/id/product_name) $(cat /sys/class/dmi/id/product_version)"
echo "Please shutdown your device now using REFRESH+PWR"
sleep infinity
;;
"*")
echo "Panic ID unable to be found: $1"
echo "Exiting script to prevent crash, please make an issue at \033[3;34m$GITHUB_URL\033[0m."
esac
}
stopwatch() {
display_timer() {
printf "[%02d:%02d:%02d]\n" $hh $mm $ss
}
hh=0 #hours
mm=0 #minutes
ss=0 #seconds
while true; do
clear
echo "Initiated reboot, if this doesn't reboot please manually reboot with REFRESH+PWR"
echo "Time since reboot initiated:"
display_timer
ss=$((ss + 1))
# if seconds reach 60, increment the minutes
if [ $ss -eq 60 ]; then
ss=0
mm=$((mm + 1))
fi
# if minutes reach 60, increment the hours
if [ $mm -eq 60 ]; then
mm=0
hh=$((hh + 1))
fi
sleep 1
done
}
selection(){
case $1 in
"1")
echo "Please Enter Target kernver (0-3)"
read -rep "> " kernver
case $kernver in
"0")
echo "Setting kernver 0"
write_tpm 0x1008 $(cat /mnt/realstate/kvs/kernver0)
;;
"1")
echo "Setting kernver 1"
write_tpm 0x1008 $(cat /mnt/realstate/kvs/kernver1)
;;
"2")
echo "Setting kernver 2"
write_tpm 0x1008 $(cat /mnt/realstate/kvs/kernver2)
;;
"3")
echo "Setting kernver 3"
write_tpm 0x1008 $(cat /mnt/realstate/kvs/kernver3)
;;
*)
echo "Invalid kernver. Please check your input."
main
;;
esac ;;
"2")
case $currentkernver in
"0x00000000")
echo "Current kernver: 0"
echo "Outputting to stateful/kernver-out"
cp /mnt/realstate/kvs/kernver0 /mnt/state/kernver-out
;;
"0x00010001")
echo "Current kernver: 1"
echo "Outputting to stateful/kernver-out"
cp /mnt/realstate/kvs/kernver1 /mnt/state/kernver-out
;;
"0x00010002")
echo "Current kernver: 2"
echo "Outputting to stateful/kernver-out"
cp /mnt/realstate/kvs/kernver2 /mnt/state/kernver-out
;;
"0x00010003")
echo "Current kernver: 3"
echo "Outputting to stateful/kernver-out"
cp /mnt/realstate/kvs/kernver3 /mnt/state/kernver-out
;;
*)
panic "invalid-kernver"
;;
esac ;;
"3")
credits
;;
"4")
endkvs
;;
esac
}


@ -1,15 +0,0 @@
#!/bin/bash
write_tpm(){
local index=$1
local data=$2
tpmc write "$index" "$data"
}
read_tpm(){
local index=$1
local bytes=$2
tpmc read "$index" "$bytes"
}


@ -1,15 +0,0 @@
#!/bin/bash
write_tpm(){
local index=$1
local data=$2
tpmc write "$index" "$data"
}
read_tpm(){
local index=$1
local bytes=$2
tpmc read "$index" "$bytes"
}


@ -99,19 +99,32 @@ selection(){
case $kernver in
"0")
echo "Setting kernver 0"
write_tpm 0x1008 $(cat /mnt/realstate/kvs/kernver0)
write_kernver $(cat /mnt/state/kvs/kernver0)
sleep 2
echo "Finished writing kernver $kernver!"
echo "Press ENTER to return to main menu.."
read -r
;;
"1")
echo "Setting kernver 1"
write_tpm 0x1008 $(cat /mnt/realstate/kvs/kernver1)
write_kernver $(cat /mnt/state/kvs/kernver1)
echo "Finished writing kernver $kernver!"
echo "Press ENTER to return to main menu.."
read -r
;;
"2")
echo "Setting kernver 2"
write_tpm 0x1008 $(cat /mnt/realstate/kvs/kernver2)
write_kernver $(cat /mnt/state/kvs/kernver2)
echo "Finished writing kernver $kernver!"
echo "Press ENTER to return to main menu.."
read -r
;;
"3")
echo "Setting kernver 3"
write_tpm 0x1008 $(cat /mnt/realstate/kvs/kernver3)
write_kernver $(cat /mnt/state/kvs/kernver3)
echo "Finished writing kernver $kernver!"
echo "Press ENTER to return to main menu.."
read -r
;;
*)
echo "Invalid kernver. Please check your input."
@ -119,36 +132,82 @@ selection(){
;;
esac ;;
"2")
case $currentkernver in
"0x00000000")
case $kernver in
"0")
echo "Current kernver: 0"
echo "Outputting to stateful/kernver-out"
cp /mnt/realstate/kvs/kernver0 /mnt/state/kernver-out
cp /mnt/state/kvs/raw/kernver0.raw /mnt/state/kernver-out
echo "Finished saving kernver $kernver!"
echo "Press ENTER to return to main menu.."
read -r
;;
"0x00010001")
"1")
echo "Current kernver: 1"
echo "Outputting to stateful/kernver-out"
cp /mnt/realstate/kvs/kernver1 /mnt/state/kernver-out
cp /mnt/state/kvs/raw/kernver1.raw /mnt/state/kernver-out
echo "Finished saving kernver $kernver!"
echo "Press ENTER to return to main menu.."
read -r
;;
"0x00010002")
"2")
echo "Current kernver: 2"
echo "Outputting to stateful/kernver-out"
cp /mnt/realstate/kvs/kernver2 /mnt/state/kernver-out
cp /mnt/state/kvs/raw/kernver2.raw /mnt/state/kernver-out
echo "Finished saving kernver $kernver!"
echo "Press ENTER to return to main menu.."
read -r
;;
"0x00010003")
"3")
echo "Current kernver: 3"
echo "Outputting to stateful/kernver-out"
cp /mnt/realstate/kvs/kernver3 /mnt/state/kernver-out
cp /mnt/state/kvs/raw/kernver3.raw /mnt/state/kernver-out
echo "Finished saving kernver $kernver!"
echo "Press ENTER to return to main menu.."
read -r
;;
*)
panic "invalid-kernver"
;;
esac ;;
"3")
credits
bash
;;
"4")
credits
;;
"5")
endkvs
;;
"6")
clear
style_text "silly debug menu!!"
echo "panic menu"
echo "1) invalid-kernver"
echo "2) mount-error"
echo "3) non-reco"
echo "4) tpmd-not-killed"
echo "5) return to menu"
read -rep "> " panicsel
case $panicsel in
"1")
panic "invalid-kernver"
;;
"2")
panic "mount-error"
;;
"3")
panic "non-reco"
;;
"4")
panic "tpmc-not-killed"
;;
"5")
echo ""
;;
"*")
echo "invalid option, wat the flip!!!"
;;
esac ;;
esac
}
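Review bot: Each "Setting kernver N" arm in the first hunk prints `Finished writing kernver $kernver!` whether or not `write_kernver` succeeded, so a failed `tpmc write` (or an unreadable `/mnt/state/kvs/kernverN`) is reported to the user as a completed write. Guard the message on the exit status, e.g. `if write_kernver $(cat /mnt/state/kvs/kernver0); then echo "Finished writing kernver $kernver!"; else echo "Writing kernver $kernver failed"; fi`, and do the same in arms 1 to 3. In the second hunk the debug menu calls `panic "tpmc-not-killed"` although the menu line above it lists the id as `tpmd-not-killed`, and its final `"*")` arm is quoted, so it matches only a literal asterisk rather than acting as the default. `selection` begins before the first hunk.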


@ -0,0 +1,29 @@
#!/bin/bash
write_kernver(){
local data=$*
tpmc write 0x1008 $data
}
# gotta make this really complicated because TPMC doesn't like when I try to read the full index on GRUNT BARLA....
read_kernver(){
case $kernver in
"0")
cat /mnt/state/kvs/kernver0
;;
"1")
cat /mnt/state/kvs/kernver1
;;
"2")
cat /mnt/state/kvs/kernver2
;;
"3")
cat /mnt/state/kvs/kernver3
;;
"*")
panic "invalid-kernver"
;;
esac
}
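Review bot: `read_kernver` ends with a quoted `"*")` arm, which matches only the literal string `*`, so an unexpected `$kernver` falls through silently and the caller gets empty output instead of `panic "invalid-kernver"`; the arm should be written `*)`. In `write_kernver`, `local data=$*` followed by the unquoted `tpmc write 0x1008 $data` re-splits and glob-expands whatever was read from the state partition before it reaches the TPM write; `tpmc write 0x1008 "$@"` passes the caller's words through unchanged. Neither function says what input it expects, so a short comment above `write_kernver` such as `# args: the space-separated values stored in /mnt/state/kvs/kernverN` would help the next reader.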


@ -1 +1 @@
02 4c 57 52 47 0 0 0 0 0 0 0 0
02 4c 57 52 47 1 0 1 0 0 0 0 55


@ -1 +1 @@
02 4c 57 52 47 1 0 1 0 0 0 0 55
02 4c 57 52 47 2 0 1 0 0 0 0 33