From d12fa88c40a10a11ced766a6cbc51934fd4a789a Mon Sep 17 00:00:00 2001 From: kxtzownsu Date: Fri, 17 Jan 2025 18:23:21 +0000 Subject: [PATCH] rel 1.0.0 --- .gitignore | 3 +- builder/bootstrap/noarch/bin/init | 9 ++++- builder/buildables/vboot_reference/build.sh | 40 +++++++++++++++++++ .../vboot_reference/vboot_reference.patch | 12 ++++++ builder/lib/extract_initramfs.sh | 2 +- builder/picoshim.sh | 22 ++++++++-- 6 files changed, 80 insertions(+), 8 deletions(-) create mode 100644 builder/buildables/vboot_reference/build.sh create mode 100644 builder/buildables/vboot_reference/vboot_reference.patch diff --git a/.gitignore b/.gitignore index 63b15c9..03442c5 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,5 @@ -grunt.bin.old +*.bin* +build/ # Prerequisites *.d diff --git a/builder/bootstrap/noarch/bin/init b/builder/bootstrap/noarch/bin/init index 62297a9..7a18f48 100755 --- a/builder/bootstrap/noarch/bin/init +++ b/builder/bootstrap/noarch/bin/init @@ -1,11 +1,16 @@ #!/bin/sh +VERSION="1.0.0" + printf "\033]input:on\a" printf "\033[?25h" +bash /installbins +rm -rf /init + clear -echo "PicoShim PoC without frecon restart" -echo "shell is pid 1, exit = kern panic" +echo "PicoShim $VERSION" +echo "this shell is PID 1 - exiting will crash your chromebook" tty=/dev/pts/0 setsid bash -c "exec script -afqc 'while :; do /bin/bash || :; done' /dev/null <${tty} >>${tty} 2>&1" diff --git a/builder/buildables/vboot_reference/build.sh b/builder/buildables/vboot_reference/build.sh new file mode 100644 index 0000000..7793830 --- /dev/null +++ b/builder/buildables/vboot_reference/build.sh @@ -0,0 +1,40 @@ +#!/bin/bash +SCRIPT_DIR=$(realpath "$(dirname "$0")") +REPO_DIR="vboot_reference" +BRANCH="release-R133-16151.B" + +echo "This script was made to work with Ubuntu 22.04." +echo "By pressing ENTER, you acknowledge this" +echo "By pressing CTRL-C, you will deny this" +read -r + +sudo apt install -y git wget libuuid1 + +if [[ ! -d "$SCRIPT_DIR/$REPO_DIR" ]]; then + git clone https://chromium.googlesource.com/chromiumos/platform/vboot_reference -b "$BRANCH" "$SCRIPT_DIR/$REPO_DIR" +else + echo "Repository already exists. Skipping clone." +fi + + +cd "$SCRIPT_DIR/$REPO_DIR" || exit 1 +git apply ../vboot_reference.patch +CFLAGS="-fPIC" CXXFLAGS="-fPIC" make STATIC=1 TPM2_MODE=1 USE_FLASHROM=0 + +echo "Would you like to clean up the directory?" +read -rep "[Y/n] " cleanupChoice + +if [[ "$cleanupChoice" == "y" || "$cleanupChoice" == "Y" || "$cleanupChoice" == "" ]]; then + if [[ -d "$SCRIPT_DIR/build" ]]; then + rm -rf "$SCRIPT_DIR/build" + fi + if [[ -d "$SCRIPT_DIR/$REPO_DIR/build" ]]; then + mv "$SCRIPT_DIR/$REPO_DIR/build" "$SCRIPT_DIR" + fi + + find "$SCRIPT_DIR/build" -name '*.o*' -type f -delete + find "$SCRIPT_DIR/build" -type d -empty -delete + rm -rf "$SCRIPT_DIR/$REPO_DIR" + echo "Cleaned! Final build files are at $SCRIPT_DIR/build" +fi + diff --git a/builder/buildables/vboot_reference/vboot_reference.patch b/builder/buildables/vboot_reference/vboot_reference.patch new file mode 100644 index 0000000..6c93b17 --- /dev/null +++ b/builder/buildables/vboot_reference/vboot_reference.patch @@ -0,0 +1,12 @@ +diff --git a/Makefile b/Makefile +index ff3f88d1..94b1cee3 100644 +--- a/Makefile ++++ b/Makefile +@@ -533,7 +533,6 @@ ALL_OBJS += ${UTILLIB_OBJS} + + # Externally exported library for some target userspace apps to link with + # (cryptohome, updater, etc.) +-HOSTLIB = ${BUILD}/libvboot_host.so + HOSTLIB_STATIC = ${BUILD}/libvboot_host.a + + # For testing purposes files contianing some libvboot_host symbols. diff --git a/builder/lib/extract_initramfs.sh b/builder/lib/extract_initramfs.sh index 240c7a3..e56c508 100644 --- a/builder/lib/extract_initramfs.sh +++ b/builder/lib/extract_initramfs.sh @@ -93,7 +93,7 @@ extract_initramfs_full() { copy_kernel $shim_path $kernel_dir echo "extracting initramfs from kernel (this may take a while)" - if [ "$arch" = "arm64" ]; then + if [ "$arch" = "aarch64" ]; then extract_initramfs_arm $kernel_dir/kernel.bin $kernel_dir $rootfs_dir else extract_initramfs $kernel_dir/kernel.bin $kernel_dir $rootfs_dir diff --git a/builder/picoshim.sh b/builder/picoshim.sh index 14a767a..5259497 100755 --- a/builder/picoshim.sh +++ b/builder/picoshim.sh @@ -45,13 +45,17 @@ state_size="1" rm -rf /tmp/kernel* losetup -D -rm -rf $initramfs # cleanup previous instances of picoshim, if they existed. +# cleanup previous instances of picoshim, if they existed +umount -R $initramfs > /dev/null 2>&1 +rm -rf $initramfs mkdir -p $initramfs -rm -rf $rootfs_mnt # cleanup previous instances of picoshim, if they existed. +umount -R $rootfs_mnt > /dev/null 2>&1 +rm -rf $rootfs_mnt mkdir -p $rootfs_mnt -rm -rf $state_mnt # cleanup previous instances of picoshim, if they existed. +umount -R $state_mnt > /dev/null 2>&1 +rm -rf $state_mnt mkdir -p $state_mnt rm -rf /tmp/loop0 @@ -116,16 +120,26 @@ echo "bootstrapping rootfs..." noarchfolders=$(ls "${SCRIPT_DIR}/bootstrap/noarch/") for folder in $noarchfolders; do cp -r "${SCRIPT_DIR}/bootstrap/noarch/${folder}" "$rootfs_mnt" + files=$(find "${SCRIPT_DIR}/bootstrap/noarch/${folder}" -type f) + for file in $files; do + chmod +x $file + done done archfolders=$(ls "${SCRIPT_DIR}/bootstrap/$arch/") for folder in $archfolders; do cp -r "${SCRIPT_DIR}/bootstrap/${arch}/${folder}" "$rootfs_mnt" + files=$(find "${SCRIPT_DIR}/bootstrap/${arch}/${folder}" -type f) + for file in $files; do + chmod +x $file + done done printf "#!/bin/busybox sh \n /bin/busybox --install /bin" > "$rootfs_mnt"/installbins chmod +x "$rootfs_mnt"/installbins -chroot "$rootfs_mnt" "/installbins" + +# we do this inside the init script now +# chroot "$rootfs_mnt" "/installbins" create_stateful "$loopdev" mount "$loopdev"p1 "$state_mnt"