e

.gitignore

@@ -1,3 +1,6 @@
+*.bin*
+build/
+
 # Prerequisites
 *.d
 

.vscode/settings.json

@@ -1,3 +1,3 @@
 {
-    "editor.largeFileOptimizations": true
+    "editor.disableMonospaceOptimizations": true,
 }

README.md

@@ -0,0 +1,33 @@
+# PicoShim
+## The smallest shim to ever come out (so far)
+
+### THIS REQUIRES A USB AND BASIC INSTRUCTION FOLLOWING SKILLS
+
+## How to use this
+**1.** Find your board, this can be done by going to `chrome://version` and then looking for the "Platform" entry. <br />
+    **1a.** Once found, look at the **last** word in the line, that is your board.<br />
+**2.** Download a shim at https://dl.kxtz.dev/ChromeOS/shims/PicoShim<br />
+**3.** Open the Chrome Recovery Utility (or flasher of your choice) and open the file, and then select your USB.<br />
+**4.** Once the image is done flashing, remove all external media (CD, USB, SD) and press ESC+REFRESH+PWR<br />
+**5.** Insert your newly-flashed USB <br />
+**6.** enjoy the smallest shim thats bootable with MP keys as of 9/11/24<br />
+
+
+## How to compile a shim
+**1.** Clone the repository with `git`, `git clone https://git.kxtz.dev/PicoShim`<br />
+    **1a.** If git.kxtz.dev is down, you can use <https://github.com/kxtzownsu/PicoShim><br />
+**2.** cd into the newly-cloned repo with `cd PicoShim`<br />
+**3.** cd into the `builder` folder<br />
+**4.** Move your shim into the `builder` folder <br />
+**5.** Run `sudo bash picobuilder.sh /path/to/shim.bin`<br />
+**6.** Your shim should now be less than 50MiB when done.<br />
+
+## GitHub
+https://github.com/kxtzownsu/PicoShim
+
+## Credits
+kxtzownsu - writing picoshim & the builder
+
+ading2210 (vk6) - the extract_initramfs code
+
+BinBashBanana (OlyB) - the shim shrinking code

builder/bootstrap/noarch/bin/init

@@ -0,0 +1,16 @@
+#!/bin/sh
+
+VERSION="1.0.0"
+
+printf "\033]input:on\a"
+printf "\033[?25h"
+
+bash /installbins
+rm -rf /init
+
+clear
+echo "PicoShim $VERSION"
+echo "this shell is PID 1 - exiting will crash your chromebook"
+
+tty=/dev/pts/0
+setsid bash -c "exec script -afqc 'while :; do /bin/bash || :; done' /dev/null <${tty} >>${tty} 2>&1"

builder/buildables/vboot_reference/build.sh

@@ -0,0 +1,40 @@
+#!/bin/bash
+SCRIPT_DIR=$(realpath "$(dirname "$0")")
+REPO_DIR="vboot_reference"
+BRANCH="release-R133-16151.B"
+
+echo "This script was made to work with Ubuntu 22.04."
+echo "By pressing ENTER, you acknowledge this"
+echo "By pressing CTRL-C, you will deny this"
+read -r
+
+sudo apt install -y git wget libuuid1
+
+if [[ ! -d "$SCRIPT_DIR/$REPO_DIR" ]]; then
+    git clone https://chromium.googlesource.com/chromiumos/platform/vboot_reference -b "$BRANCH" "$SCRIPT_DIR/$REPO_DIR"
+else
+    echo "Repository already exists. Skipping clone."
+fi
+
+
+cd "$SCRIPT_DIR/$REPO_DIR" || exit 1
+git apply ../vboot_reference.patch
+CFLAGS="-fPIC" CXXFLAGS="-fPIC" make STATIC=1 TPM2_MODE=1 USE_FLASHROM=0
+
+echo "Would you like to clean up the directory?"
+read -rep "[Y/n] " cleanupChoice
+
+if [[ "$cleanupChoice" == "y" || "$cleanupChoice" == "Y" || "$cleanupChoice" == "" ]]; then
+    if [[ -d "$SCRIPT_DIR/build" ]]; then
+	rm -rf "$SCRIPT_DIR/build"
+    fi
+    if [[ -d "$SCRIPT_DIR/$REPO_DIR/build" ]]; then
+        mv "$SCRIPT_DIR/$REPO_DIR/build" "$SCRIPT_DIR"
+    fi
+
+    find "$SCRIPT_DIR/build" -name '*.o*' -type f -delete
+    find "$SCRIPT_DIR/build" -type d -empty -delete
+    rm -rf "$SCRIPT_DIR/$REPO_DIR"
+    echo "Cleaned! Final build files are at $SCRIPT_DIR/build"
+fi
+

builder/buildables/vboot_reference/vboot_reference.patch

@@ -0,0 +1,12 @@
+diff --git a/Makefile b/Makefile
+index ff3f88d1..94b1cee3 100644
+--- a/Makefile
++++ b/Makefile
+@@ -533,7 +533,6 @@ ALL_OBJS += ${UTILLIB_OBJS}
+ 
+ # Externally exported library for some target userspace apps to link with
+ # (cryptohome, updater, etc.)
+-HOSTLIB = ${BUILD}/libvboot_host.so
+ HOSTLIB_STATIC = ${BUILD}/libvboot_host.a
+ 
+ # For testing purposes files contianing some libvboot_host symbols.

builder/lib/detect_arch.sh

@@ -7,7 +7,8 @@ detect_arch() {
 	if [ -f "$MNT_ROOT/bin/bash" ]; then
 		case "$(file -b "$MNT_ROOT/bin/bash" | awk -F ', ' '{print $2}' | tr '[:upper:]' '[:lower:]')" in
 			# for now assume arm has aarch64 kernel
-			*aarch64* | *armv8* | *arm*) TARGET_ARCH=arm64 ;;
+			# theres no armv7 shims leaked so far iirc
+			*aarch64* | *armv8* | *arm*) TARGET_ARCH=aarch64 ;;
 		esac
 	fi
 	echo "$TARGET_ARCH"

builder/lib/extract_initramfs.sh

@@ -93,7 +93,7 @@ extract_initramfs_full() {
   copy_kernel $shim_path $kernel_dir
 
   echo "extracting initramfs from kernel (this may take a while)"
-  if [ "$arch" = "arm64" ]; then
+  if [ "$arch" = "aarch64" ]; then
     extract_initramfs_arm $kernel_dir/kernel.bin $kernel_dir $rootfs_dir
   else
     extract_initramfs $kernel_dir/kernel.bin $kernel_dir $rootfs_dir

builder/lib/rootfs_utils.sh

@@ -29,6 +29,7 @@ n
 +${state_size}M
 w
 EOF
+echo "y" | mkfs.ext4 "$image"p1 > /dev/null 2>&1
 }
 
 is_ext2() {

builder/picoshim.sh

@@ -14,13 +14,13 @@ if [ "$1" == "" ]; then
 fi
 
 SCRIPT_DIR=$(dirname "$0")
+SCRIPT_DIR=${SCRIPT_DIR:-"."}
 VERSION=1
 
 ARCHITECTURE="$(uname -m)"
 case "$ARCHITECTURE" in
 	*x86_64* | *x86-64*) ARCHITECTURE=x86_64 ;;
 	*aarch64* | *armv8*) ARCHITECTURE=aarch64 ;;
-	*i[3-6]86*) ARCHITECTURE=i386 ;;
 	*) fail "Unsupported architecture $ARCHITECTURE" ;;
 esac
 
@@ -32,28 +32,43 @@ echo "PicoShim builder"
 echo "requires: binwalk, fdisk, cgpt, mkfs.ext2, numfmt"
 
 SHIM="$1"
-initramfs="/tmp/initramfs_path"
+initramfs="/tmp/picoshim_initramfs"
-rootfs_mnt="/tmp/picoshim_rootmnt"
+rootfs_mnt="/tmp/picoshim_rootfsmnt"
-loopdev=$(losetup -f)
+state_mnt="/tmp/picoshim_statemnt"
-CGPT="${SCRIPT_DIR}/lib/bin/$ARCHITECTURE/cgpt"
+CGPT="${SCRIPT_DIR}/bins/$ARCHITECTURE/cgpt"
-SFDISK="${SCRIPT_DIR}/lib/bin/$ARCHITECTURE/sfdisk"
+SFDISK="${SCRIPT_DIR}/bins/$ARCHITECTURE/sfdisk"
-
-# gets the initramfs size, e.g: 6.5M, and rounds it to the nearest whole number, e.g: 7M
-# we're giving it 5 extra MBs to allow the busybox binaries to be installed
-initramfs_size=$(($(du -sb "$initramfs" | awk '{print $1}' | numfmt --to=iec | awk '{print int($1) + ($1 > int($1))}') + 2))
-kernsize=$(fdisk -l ${loopdev}p2 | head -n 1 | awk '{printf $3}')
 
 # size of stateful partition in MiB
 state_size="1"
 
 
+rm -rf /tmp/kernel*
+losetup -D
 
-rm -rf $initramfs # cleanup previous instances of picoshim, if they existed.
+# cleanup previous instances of picoshim, if they existed
+umount -R $initramfs  > /dev/null 2>&1
+rm -rf $initramfs
 mkdir -p $initramfs
 
-rm -rf $rootfs_mnt # cleanup previous instances of picoshim, if they existed.
+umount -R $rootfs_mnt  > /dev/null 2>&1
+rm -rf $rootfs_mnt
 mkdir -p $rootfs_mnt
 
+umount -R $state_mnt  > /dev/null 2>&1
+rm -rf $state_mnt
+mkdir -p $state_mnt
+
+rm -rf /tmp/loop0
+
+# the amount of headaches loop0 has caused me....
+if ! $(losetup | grep loop0); then
+	touch /tmp/loop0
+	dd if=/dev/urandom of=/tmp/loop0 bs=1 count=512 status=none > /dev/null 2>&1
+	losetup -P /dev/loop0 /tmp/loop0
+fi
+
+loopdev=$(losetup -f)
+
 if [ -f "$SHIM" ]; then
   shrink_partitions "$SHIM"
   losetup -P "$loopdev" "$SHIM"
@@ -63,7 +78,15 @@ fi
 
 arch=$(detect_arch $loopdev)
 extract_initramfs_full "$loopdev" "$initramfs" "/tmp/shim_kernel/kernel.img" "$arch"
-dd if="${loopdev}p2" of=/tmp/kernel-new.bin bs=1M oflag=direct status=none
+dd if="${loopdev}p2" of=/tmp/kernel-new.bin bs=1M status=none
+
+# gets the initramfs size, e.g: 6.5M, and rounds it to the nearest whole number, e.g: 7M
+# we're giving it 5 extra MBs to allow the busybox binaries to be installed & our bootstrapped stuff
+initramfs_size=$(($(du -sb "$initramfs" | awk '{print $1}' | numfmt --to=iec | awk '{print int($1) + ($1 > int($1))}') + 3))
+kernsize=$(($(du -sb /tmp/kernel-new.bin | awk '{print $1}' | numfmt --to=iec | awk '{print int($1) + ($1 > int($1))}')))
+# add another meg to the kernel just incase of resigning issues (:spoob:)
+
+echo "fdisk!"
 
 fdisk "$loopdev" <<EOF > /dev/null 2>&1 
 d
@@ -84,7 +107,7 @@ p
 
 w
 EOF
-dd if=/tmp/kernel-new.bin of="${loopdev}p2" bs=1M oflag=direct status=none
+dd if=/tmp/kernel-new.bin of="${loopdev}p2" bs=1M oflag=direct status=none conv=notrunc
 
 echo "creating new filesystem on rootfs"
 echo "y" | mkfs.ext2 "$loopdev"p3 -L ROOT-A > /dev/null 2>&1
@@ -92,20 +115,48 @@ echo "mounting & moving files from initramfs to rootfs"
 mount "$loopdev"p3 "$rootfs_mnt"
 mv "$initramfs"/* "$rootfs_mnt"/
 
+echo "bootstrapping rootfs..." 
+# we have to do this due to issues with the `cp` command
+noarchfolders=$(ls "${SCRIPT_DIR}/bootstrap/noarch/")
+for folder in $noarchfolders; do
+  cp -r "${SCRIPT_DIR}/bootstrap/noarch/${folder}" "$rootfs_mnt"
+  files=$(find "${SCRIPT_DIR}/bootstrap/noarch/${folder}" -type f)
+  for file in $files; do
+    chmod +x $file
+  done 
+done
+
+archfolders=$(ls "${SCRIPT_DIR}/bootstrap/$arch/")
+for folder in $archfolders; do 
+  cp -r "${SCRIPT_DIR}/bootstrap/${arch}/${folder}" "$rootfs_mnt"
+  files=$(find "${SCRIPT_DIR}/bootstrap/${arch}/${folder}" -type f)
+  for file in $files; do
+    chmod +x $file
+  done 
+done
+
+printf "#!/bin/busybox sh \n /bin/busybox --install /bin" > "$rootfs_mnt"/installbins
+chmod +x "$rootfs_mnt"/installbins
+
+# we do this inside the init script now
+# chroot "$rootfs_mnt" "/installbins"
+
 create_stateful "$loopdev"
+mount "$loopdev"p1 "$state_mnt"
+mkdir -p "$state_mnt"/dev_image/etc/
+touch "$state_mnt"/dev_image/etc/lsb-factory
 
 
 echo "adding kernel priorities"
-"$CGPT" add "$loopdev" -i 2 -t kernel -P 1
+"$CGPT" add "$loopdev" -i 2 -t kernel -P 15 -T 15 -S 1 -R 1 -l KERN-A
-"$CGPT" add "$loopdev" -i 3 -t rootfs
+"$CGPT" add "$loopdev" -i 3 -t rootfs -l ROOT-A
 
 echo "cleaning up"
 losetup -D
 
 truncate_image "$SHIM"
 
-
+umount "$loopdev"p3
+umount "$loopdev"p1
 rm -rf $initramfs
 rm -rf $rootfs_mnt
-umount "$loopdev"p3
-