tint: introduce the new tint build system with checksum verification
Three stages of the new tint build system: 1) generate_core.sh extracts the core part from buildgcc script, most importantly the checksum calculation/verification functions. 2) tintify_core.sh adds the tint-specific footer/header to the core, such as the properties of current version including its checksum. 3) tint.sh - generated and "tintified" core script - builds a tint. Signed-off-by: Mike Banon <mikebdp2@gmail.com> Change-Id: Ib71f5b861ecf91949a5af12812258e60873f0498 Reviewed-on: https://review.coreboot.org/c/coreboot/+/50991 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
This commit is contained in:
parent
a7696adbeb
commit
40df8aa84b
|
@ -1,5 +1,25 @@
|
||||||
project_url=https://mirror.fsf.org/trisquel/pool/main/t/tint/tint_0.05.tar.xz
|
#
|
||||||
archive_name=tint_0.05.tar.xz
|
# TINT build system - helps to securely download TINT with a checksum verification and build it.
|
||||||
|
#
|
||||||
|
|
||||||
|
#
|
||||||
|
# Properties of the current TINT version
|
||||||
|
#
|
||||||
|
|
||||||
|
TINT_VERSION=0.05
|
||||||
|
TINT_EXT_VERSION=0.05
|
||||||
|
TINT_ARCHIVE_LINK="https://mirror.fsf.org/trisquel/pool/main/t/tint/tint_${TINT_EXT_VERSION}.tar.xz"
|
||||||
|
TINT_ARCHIVE="tint_${TINT_VERSION}.tar.xz"
|
||||||
|
TINT_DIR="tint-${TINT_VERSION}"
|
||||||
|
TINT_SHA1SUM="859008216930a4584e622d0df41fd75c44d2b47f"
|
||||||
|
|
||||||
|
#
|
||||||
|
# Locations of the input/output scripts
|
||||||
|
#
|
||||||
|
|
||||||
|
buildgcc="./../../../util/crossgcc/buildgcc"
|
||||||
|
corescript="./core.sh"
|
||||||
|
tintified="./tint.sh"
|
||||||
|
|
||||||
unexport KCONFIG_AUTOHEADER
|
unexport KCONFIG_AUTOHEADER
|
||||||
unexport KCONFIG_AUTOCONFIG
|
unexport KCONFIG_AUTOCONFIG
|
||||||
|
@ -10,28 +30,39 @@ unexport KCONFIG_NEGATIVES
|
||||||
|
|
||||||
all: tint
|
all: tint
|
||||||
|
|
||||||
tint: patch
|
################################################################################
|
||||||
echo " MAKE TINT "
|
#
|
||||||
$(MAKE) -C tint
|
# Three stages of TINT build system:
|
||||||
|
#
|
||||||
|
# 1) generate_core.sh extracts the core part from buildgcc script,
|
||||||
|
# most importantly the checksum calculation/verification functions.
|
||||||
|
#
|
||||||
|
# 2) tintify_core.sh adds the TINT-specific footer/header to the core,
|
||||||
|
# such as the properties of current version including its checksum.
|
||||||
|
#
|
||||||
|
# 3) tint.sh - generated and "tintified" core script - builds a TINT.
|
||||||
|
#
|
||||||
|
################################################################################
|
||||||
|
|
||||||
patch: download
|
tint:
|
||||||
cd tint; \
|
if [ ! -f ${tintified} ]; then \
|
||||||
if [ -e debian ]; then \
|
chmod +x "./generate_core.sh" ; \
|
||||||
rm -rf debian typedefs.h Makefile; \
|
"./generate_core.sh" ${buildgcc} ${corescript} "prepare_before_patch" ; \
|
||||||
touch Makefile; \
|
chmod +x "./tintify_core.sh" ; \
|
||||||
patch -l -p1 < ../libpayload_tint.patch; \
|
"./tintify_core.sh" ${corescript} ${tintified} \
|
||||||
fi
|
${TINT_ARCHIVE_LINK} ${TINT_ARCHIVE} ${TINT_DIR} ${TINT_SHA1SUM} ; \
|
||||||
|
fi ; \
|
||||||
download:
|
chmod +x ${tintified}
|
||||||
test -d tint || { wget $(project_url); \
|
${tintified}
|
||||||
tar -xvf $(archive_name); \
|
|
||||||
rm $(archive_name); \
|
|
||||||
mv tint-0.05 tint; }
|
|
||||||
|
|
||||||
clean:
|
clean:
|
||||||
test -d tint && $(MAKE) -C tint clean || exit 0
|
test -d "./tint/" && $(MAKE) -C "./tint/" clean || exit 0
|
||||||
|
|
||||||
distclean:
|
distclean:
|
||||||
rm -rf tint
|
rm -rf "./tint/"
|
||||||
|
rm -f ${corescript}
|
||||||
|
rm -f ${tintified}
|
||||||
|
|
||||||
.PHONY: download patch tint clean distclean
|
.PHONY: tint clean distclean
|
||||||
|
|
||||||
|
#
|
||||||
|
|
|
@ -0,0 +1,102 @@
|
||||||
|
#!/bin/sh
|
||||||
|
#
|
||||||
|
# generate_core.sh extracts the core part from buildgcc script,
|
||||||
|
# most importantly the checksum calculation/verification functions.
|
||||||
|
#
|
||||||
|
# Copyright (C) 2019 Mike Banon <mikebdp2@gmail.com>
|
||||||
|
#
|
||||||
|
##############################################################################
|
||||||
|
#
|
||||||
|
# USAGE:
|
||||||
|
# ./generate_core.sh <buildgcc> <corescript> prepare_before_patch
|
||||||
|
# where
|
||||||
|
# buildgcc - path to input buildgcc script
|
||||||
|
# corescript - path to output core part script
|
||||||
|
# prepare_before_patch - optional argument to insert prepare_${package}
|
||||||
|
# call into the unpack_and_patch function, e.g.
|
||||||
|
# for removing some files with rm command
|
||||||
|
# in order to reduce the size of patch file
|
||||||
|
#
|
||||||
|
##############################################################################
|
||||||
|
|
||||||
|
buildgcc="$1"
|
||||||
|
corescript="$2"
|
||||||
|
prepare_before_patch="$3"
|
||||||
|
|
||||||
|
#
|
||||||
|
# Imports the source file fragment between start and end into the
|
||||||
|
# destination file, optionally excluding the last line if not needed
|
||||||
|
#
|
||||||
|
|
||||||
|
import_from_file() {
|
||||||
|
source="$1"
|
||||||
|
destination="$2"
|
||||||
|
start="$3"
|
||||||
|
end="$4"
|
||||||
|
last_line_disabled="$5"
|
||||||
|
if [ -z "${last_line_disabled}" ] ; then
|
||||||
|
sed -n "/^${start}/,/^${end}/{/^${start}/{p;n};{p}}" "$source" >> "$destination"
|
||||||
|
else
|
||||||
|
sed -n "/^${start}/,/^${end}/{/^${start}/{p;n};/^${end}/{q};{p}}" "$source" >> "$destination"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
#
|
||||||
|
# Import the color defines together with UNAME/HALT_FOR_TOOLS variables
|
||||||
|
#
|
||||||
|
|
||||||
|
import_from_file "$buildgcc" "$corescript" "red=" "HALT_FOR_TOOLS=0" || exit "$?"
|
||||||
|
|
||||||
|
#
|
||||||
|
# Import the core functions
|
||||||
|
#
|
||||||
|
|
||||||
|
FUNCTIONS="please_install searchtool download compute_hash error_hash_mismatch verify_hash unpack_and_patch"
|
||||||
|
|
||||||
|
for F in $FUNCTIONS ; do
|
||||||
|
import_from_file "$buildgcc" "$corescript" "$F()" "}" || exit "$?"
|
||||||
|
done
|
||||||
|
|
||||||
|
#
|
||||||
|
# Import a fragment where we find tar/patch/make and other essential tools
|
||||||
|
#
|
||||||
|
|
||||||
|
import_from_file "$buildgcc" "$corescript" "# Find all the required tools" "# Allow" "last_line_disabled" || exit "$?"
|
||||||
|
|
||||||
|
#
|
||||||
|
# Import a fragment with conditional exit if some required tools were not found
|
||||||
|
#
|
||||||
|
|
||||||
|
import_from_file "$buildgcc" "$corescript" "if \[ \"\$HALT_FOR_TOOLS" "fi" || exit "$?"
|
||||||
|
|
||||||
|
#
|
||||||
|
# Avoid the unnecessary subdirectories holding a single file each
|
||||||
|
#
|
||||||
|
|
||||||
|
sed -i -e "s/patches\///g" "$corescript"
|
||||||
|
sed -i -e "s/sum\///g" "$corescript"
|
||||||
|
sed -i -e "s/tarballs\///g" "$corescript"
|
||||||
|
sed -i -e "s/cd tarballs || exit 1//g" "$corescript"
|
||||||
|
sed -i -e "s/cd \.\.//g" "$corescript"
|
||||||
|
|
||||||
|
#
|
||||||
|
# Get the known checksum without using a dedicated single-line file
|
||||||
|
#
|
||||||
|
|
||||||
|
sed -i -e "s/\tknown_hash=\"\$(get_known_hash.*/\tknown_hash=\"\$2\"/g" "$corescript"
|
||||||
|
|
||||||
|
#
|
||||||
|
# Update the paths printed at the error messages
|
||||||
|
#
|
||||||
|
|
||||||
|
sed -i -e "s/util\/crossgcc\///g" "$corescript"
|
||||||
|
|
||||||
|
#
|
||||||
|
# Insert prepare_${package} function call between the unpack and patch operations
|
||||||
|
#
|
||||||
|
|
||||||
|
if [ ! -z "${prepare_before_patch}" ] ; then
|
||||||
|
sed -i -e "/\$TAR \$FLAGS \"\$(basename \"\$archive\")\"/a prepare_\${package} || exit \"\$?\"" "$corescript"
|
||||||
|
fi
|
||||||
|
|
||||||
|
#
|
|
@ -0,0 +1,98 @@
|
||||||
|
#!/bin/sh
|
||||||
|
#
|
||||||
|
# tintify_core.sh adds the TINT-specific footer/header to the core,
|
||||||
|
# such as the properties of current TINT version including its checksum.
|
||||||
|
#
|
||||||
|
# Copyright (C) 2019 Mike Banon <mikebdp2@gmail.com>
|
||||||
|
#
|
||||||
|
################################################################################
|
||||||
|
#
|
||||||
|
# USAGE:
|
||||||
|
# ./tintify_core.sh <corescript> <tintified> \
|
||||||
|
# <TINT_ARCHIVE_LINK> <TINT_ARCHIVE> <TINT_DIR> <TINT_SHA1SUM>
|
||||||
|
# where
|
||||||
|
# corescript - path to input core script
|
||||||
|
# tintified - path to output tint script
|
||||||
|
#
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
corescript="$1"
|
||||||
|
tintified="$2"
|
||||||
|
|
||||||
|
#
|
||||||
|
# TINT-specific header
|
||||||
|
#
|
||||||
|
|
||||||
|
#
|
||||||
|
# Insert the properties of the current TINT version
|
||||||
|
#
|
||||||
|
|
||||||
|
echo "#!/bin/sh" > "$tintified"
|
||||||
|
echo "TINT_ARCHIVE_LINK=${3}" >> "$tintified"
|
||||||
|
echo "TINT_ARCHIVE=${4}" >> "$tintified"
|
||||||
|
echo "TINT_DIR=${5}" >> "$tintified"
|
||||||
|
echo "TINT_SHA1SUM=${6}" >> "$tintified"
|
||||||
|
|
||||||
|
#
|
||||||
|
# Add the replace_plus_with_minus() function - needed to fix the version number
|
||||||
|
#
|
||||||
|
|
||||||
|
echo "replace_plus_with_minus() {" >> "$tintified"
|
||||||
|
echo "for x in *\"+\"*; do" >> "$tintified"
|
||||||
|
echo "y=\$(printf %sa \"\$x\" | tr \"+\" \"-\")" >> "$tintified"
|
||||||
|
echo "mv -- \"\$x\" \"\${y%a}\"" >> "$tintified"
|
||||||
|
echo "done" >> "$tintified"
|
||||||
|
echo "}" >> "$tintified"
|
||||||
|
|
||||||
|
#
|
||||||
|
# Add the prepare_TINT() function, it will remove the unneeded debian directory
|
||||||
|
# as well as typedefs.h and old Makefile to significantly reduce the patch size
|
||||||
|
#
|
||||||
|
|
||||||
|
echo "prepare_TINT() {" >> "$tintified"
|
||||||
|
# echo "replace_plus_with_minus" >> "$tintified"
|
||||||
|
echo "if [ ! -z ./\${TINT_DIR} ] && [ -e ./\${TINT_DIR}/debian ] ; then" >> "$tintified"
|
||||||
|
echo "rm -rf ./\${TINT_DIR}/debian ./\${TINT_DIR}/typedefs.h ./\${TINT_DIR}/Makefile;" >> "$tintified"
|
||||||
|
echo "touch ./\${TINT_DIR}/Makefile;" >> "$tintified"
|
||||||
|
echo "fi" >> "$tintified"
|
||||||
|
echo "}" >> "$tintified"
|
||||||
|
|
||||||
|
#
|
||||||
|
# Importing the core script
|
||||||
|
#
|
||||||
|
|
||||||
|
cat "$corescript" >> "$tintified"
|
||||||
|
|
||||||
|
#
|
||||||
|
# download() function adjustments - became necessary after a version number fix
|
||||||
|
#
|
||||||
|
|
||||||
|
sed -i -e "/download() {/a package=\$1\narchive_link=\"\$(eval echo \\\\\$\$package\"_ARCHIVE_LINK\")\"" "$tintified"
|
||||||
|
sed -i -e "s/downloading from \$archive/&_link/g" "$tintified"
|
||||||
|
sed -i -e "s/\(download_showing_percentage \"\$archive\)./\1_link\"/g" "$tintified"
|
||||||
|
|
||||||
|
#
|
||||||
|
# TINT-specific footer
|
||||||
|
#
|
||||||
|
|
||||||
|
echo "if [ ! -d tint ] ; then" >> "$tintified"
|
||||||
|
|
||||||
|
echo "printf \"Downloading and verifying TINT tarball ... \\n\"" >> "$tintified"
|
||||||
|
echo "download TINT || exit \"\$?\"" >> "$tintified"
|
||||||
|
echo "verify_hash TINT \${TINT_SHA1SUM} || exit \"\$?\"" >> "$tintified"
|
||||||
|
echo "printf \"Downloaded TINT tarball ... \${green}ok\${NC}\\n\"" >> "$tintified"
|
||||||
|
|
||||||
|
echo "printf \"Unpacking and patching TINT... \\n\"" >> "$tintified"
|
||||||
|
echo "unpack_and_patch TINT || exit 1" >> "$tintified"
|
||||||
|
echo "printf \"Unpacked and patched TINT... \${green}ok\${NC}\\n\"" >> "$tintified"
|
||||||
|
|
||||||
|
echo "mv ./\${TINT_DIR} ./tint" >> "$tintified"
|
||||||
|
echo "fi" >> "$tintified"
|
||||||
|
|
||||||
|
echo "printf \"Building TINT ... \\n\"" >> "$tintified"
|
||||||
|
echo "make -C ./tint" >> "$tintified"
|
||||||
|
echo "printf \"TINT built ... \${green}ok\${NC}\\n\"" >> "$tintified"
|
||||||
|
|
||||||
|
chmod +x "$tintified"
|
||||||
|
|
||||||
|
#
|
Loading…
Reference in New Issue