rel 1.0.0

kxtzownsu 2025-01-17 18:23:21 +00:00
parent 0553608cc7
commit d12fa88c40
6 changed files with 80 additions and 8 deletions

3
.gitignore vendored

@ -1,4 +1,5 @@
grunt.bin.old *.bin*
build/
# Prerequisites # Prerequisites
*.d *.d


@ -1,11 +1,16 @@
#!/bin/sh #!/bin/sh
VERSION="1.0.0"
printf "\033]input:on\a" printf "\033]input:on\a"
printf "\033[?25h" printf "\033[?25h"
bash /installbins
rm -rf /init
clear clear
echo "PicoShim PoC without frecon restart" echo "PicoShim $VERSION"
echo "shell is pid 1, exit = kern panic" echo "this shell is PID 1 - exiting will crash your chromebook"
tty=/dev/pts/0 tty=/dev/pts/0
setsid bash -c "exec script -afqc 'while :; do /bin/bash || :; done' /dev/null <${tty} >>${tty} 2>&1" setsid bash -c "exec script -afqc 'while :; do /bin/bash || :; done' /dev/null <${tty} >>${tty} 2>&1"
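Review bot: The new `bash /installbins` call is unchecked in a script that runs as PID 1, so a failed busybox install continues straight into `clear` and the `setsid … script` line with nothing on screen to say what went wrong. If those commands are busybox applets (not visible here), init would then run off its end, which the banner itself says crashes the device. Reporting the failure keeps the cause visible, e.g. `bash /installbins || echo "installbins failed: busybox applets may be missing"`. The script is `#!/bin/sh` yet depends on `bash` already being in the image before any applet exists, which deserves a comment above the call such as `# bash must ship in the rootfs; busybox applets do not exist until this runs`.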


@ -0,0 +1,40 @@
#!/bin/bash
SCRIPT_DIR=$(realpath "$(dirname "$0")")
REPO_DIR="vboot_reference"
BRANCH="release-R133-16151.B"
echo "This script was made to work with Ubuntu 22.04."
echo "By pressing ENTER, you acknowledge this"
echo "By pressing CTRL-C, you will deny this"
read -r
sudo apt install -y git wget libuuid1
if [[ ! -d "$SCRIPT_DIR/$REPO_DIR" ]]; then
git clone https://chromium.googlesource.com/chromiumos/platform/vboot_reference -b "$BRANCH" "$SCRIPT_DIR/$REPO_DIR"
else
echo "Repository already exists. Skipping clone."
fi
cd "$SCRIPT_DIR/$REPO_DIR" || exit 1
git apply ../vboot_reference.patch
CFLAGS="-fPIC" CXXFLAGS="-fPIC" make STATIC=1 TPM2_MODE=1 USE_FLASHROM=0
echo "Would you like to clean up the directory?"
read -rep "[Y/n] " cleanupChoice
if [[ "$cleanupChoice" == "y" || "$cleanupChoice" == "Y" || "$cleanupChoice" == "" ]]; then
if [[ -d "$SCRIPT_DIR/build" ]]; then
rm -rf "$SCRIPT_DIR/build"
fi
if [[ -d "$SCRIPT_DIR/$REPO_DIR/build" ]]; then
mv "$SCRIPT_DIR/$REPO_DIR/build" "$SCRIPT_DIR"
fi
find "$SCRIPT_DIR/build" -name '*.o*' -type f -delete
find "$SCRIPT_DIR/build" -type d -empty -delete
rm -rf "$SCRIPT_DIR/$REPO_DIR"
echo "Cleaned! Final build files are at $SCRIPT_DIR/build"
fi
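Review bot: Neither `git apply ../vboot_reference.patch` nor the `make` line is checked, so after a failure the script still reaches the cleanup prompt, where the default answer removes the previous `$SCRIPT_DIR/build` and prints "Cleaned! Final build files are at …" with nothing built. A re-run against a kept clone hits this, because the patch is then already applied and `git apply` fails. Stopping on failure fixes it: `git apply ../vboot_reference.patch || exit 1` and `CFLAGS="-fPIC" CXXFLAGS="-fPIC" make STATIC=1 TPM2_MODE=1 USE_FLASHROM=0 || exit 1`. Separately, `-b "$BRANCH"` follows whatever the branch tip is at clone time, so the binaries that end up in the shim are not tied to a reviewed revision; checking out a fixed commit after the clone would pin them.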


@ -0,0 +1,12 @@
diff --git a/Makefile b/Makefile
index ff3f88d1..94b1cee3 100644
--- a/Makefile
+++ b/Makefile
@@ -533,7 +533,6 @@ ALL_OBJS += ${UTILLIB_OBJS}
# Externally exported library for some target userspace apps to link with
# (cryptohome, updater, etc.)
-HOSTLIB = ${BUILD}/libvboot_host.so
HOSTLIB_STATIC = ${BUILD}/libvboot_host.a
# For testing purposes files contianing some libvboot_host symbols.


@ -93,7 +93,7 @@ extract_initramfs_full() {
copy_kernel $shim_path $kernel_dir copy_kernel $shim_path $kernel_dir
echo "extracting initramfs from kernel (this may take a while)" echo "extracting initramfs from kernel (this may take a while)"
if [ "$arch" = "arm64" ]; then if [ "$arch" = "aarch64" ]; then
extract_initramfs_arm $kernel_dir/kernel.bin $kernel_dir $rootfs_dir extract_initramfs_arm $kernel_dir/kernel.bin $kernel_dir $rootfs_dir
else else
extract_initramfs $kernel_dir/kernel.bin $kernel_dir $rootfs_dir extract_initramfs $kernel_dir/kernel.bin $kernel_dir $rootfs_dir
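Review bot: Any `$arch` value other than the exact string `aarch64` now falls through to the `else` branch and is handled by `extract_initramfs`, including the `arm64` spelling this test accepted before. Where `arch` is set is outside this hunk, so if any caller or user-supplied argument still passes `arm64`, an ARM kernel would silently take the non-ARM extraction path. Accepting both spellings avoids that: `if [ "$arch" = "aarch64" ] || [ "$arch" = "arm64" ]; then`. `extract_initramfs_full` starts and ends outside the hunk.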


@ -45,13 +45,17 @@ state_size="1"
rm -rf /tmp/kernel* rm -rf /tmp/kernel*
losetup -D losetup -D
rm -rf $initramfs # cleanup previous instances of picoshim, if they existed. # cleanup previous instances of picoshim, if they existed
umount -R $initramfs > /dev/null 2>&1
rm -rf $initramfs
mkdir -p $initramfs mkdir -p $initramfs
rm -rf $rootfs_mnt # cleanup previous instances of picoshim, if they existed. umount -R $rootfs_mnt > /dev/null 2>&1
rm -rf $rootfs_mnt
mkdir -p $rootfs_mnt mkdir -p $rootfs_mnt
rm -rf $state_mnt # cleanup previous instances of picoshim, if they existed. umount -R $state_mnt > /dev/null 2>&1
rm -rf $state_mnt
mkdir -p $state_mnt mkdir -p $state_mnt
rm -rf /tmp/loop0 rm -rf /tmp/loop0
@ -116,16 +120,26 @@ echo "bootstrapping rootfs..."
noarchfolders=$(ls "${SCRIPT_DIR}/bootstrap/noarch/") noarchfolders=$(ls "${SCRIPT_DIR}/bootstrap/noarch/")
for folder in $noarchfolders; do for folder in $noarchfolders; do
cp -r "${SCRIPT_DIR}/bootstrap/noarch/${folder}" "$rootfs_mnt" cp -r "${SCRIPT_DIR}/bootstrap/noarch/${folder}" "$rootfs_mnt"
files=$(find "${SCRIPT_DIR}/bootstrap/noarch/${folder}" -type f)
for file in $files; do
chmod +x $file
done
done done
archfolders=$(ls "${SCRIPT_DIR}/bootstrap/$arch/") archfolders=$(ls "${SCRIPT_DIR}/bootstrap/$arch/")
for folder in $archfolders; do for folder in $archfolders; do
cp -r "${SCRIPT_DIR}/bootstrap/${arch}/${folder}" "$rootfs_mnt" cp -r "${SCRIPT_DIR}/bootstrap/${arch}/${folder}" "$rootfs_mnt"
files=$(find "${SCRIPT_DIR}/bootstrap/${arch}/${folder}" -type f)
for file in $files; do
chmod +x $file
done
done done
printf "#!/bin/busybox sh \n /bin/busybox --install /bin" > "$rootfs_mnt"/installbins printf "#!/bin/busybox sh \n /bin/busybox --install /bin" > "$rootfs_mnt"/installbins
chmod +x "$rootfs_mnt"/installbins chmod +x "$rootfs_mnt"/installbins
chroot "$rootfs_mnt" "/installbins"
# we do this inside the init script now
# chroot "$rootfs_mnt" "/installbins"
create_stateful "$loopdev" create_stateful "$loopdev"
mount "$loopdev"p1 "$state_mnt" mount "$loopdev"p1 "$state_mnt"
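Review bot: In the first hunk each `umount -R … > /dev/null 2>&1` discards both the error text and the exit status, and the `rm -rf` after it runs regardless, so a mount left busy by an earlier run has its contents deleted instead of being unmounted. The three variables are also unquoted on lines that presumably run as root. Confirm the mount is gone before removing, e.g. `umount -R "$initramfs" 2>/dev/null; mountpoint -q "$initramfs" && exit 1` followed by `rm -rf "$initramfs"`, and the same for `$rootfs_mnt` and `$state_mnt`. In the second hunk the new `chmod +x $file` loops act on the source tree under `bootstrap/` after `cp -r` has already copied it, so on a first run the copies in `$rootfs_mnt` keep their old modes. Running `find "${SCRIPT_DIR}/bootstrap/noarch/${folder}" -type f -exec chmod +x {} +` before the `cp -r` (and likewise for `${arch}`) fixes that and removes the word splitting on `$files`.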