From 6cf5223d417f5cca35b8cfd200d874839904732f Mon Sep 17 00:00:00 2001 From: Adam Joseph Date: Thu, 30 Mar 2023 12:23:29 -0700 Subject: [PATCH] ecfw: move flashing scripts to separate derivation --- src/platform/kevin/default.nix | 5 +- src/platform/kevin/ecfw/default.nix | 65 +---------------------- src/platform/kevin/ecfw/scripts.nix | 81 +++++++++++++++++++++++++++++ 3 files changed, 85 insertions(+), 66 deletions(-) create mode 100644 src/platform/kevin/ecfw/scripts.nix diff --git a/src/platform/kevin/default.nix b/src/platform/kevin/default.nix index 6905850..6d95f24 100644 --- a/src/platform/kevin/default.nix +++ b/src/platform/kevin/default.nix @@ -99,9 +99,10 @@ in { # built fromm source arm-none-eabi-gcc = final.nixpkgsOnBuildForBuild.pkgsCross.arm-embedded.buildPackages.gcc6; + }; - inherit (final) ectool; - + ecfw-scripts = final.nixpkgsOnBuildForHost.callPackage (import ./ecfw/scripts.nix) { + inherit (final) ectool ecfw; flashrom-chromebook = final.nixpkgsOnBuildForHost.callPackage ../../util/flashrom { forChromebook = true; }; }; diff --git a/src/platform/kevin/ecfw/default.nix b/src/platform/kevin/ecfw/default.nix index 5cc2245..9303bda 100644 --- a/src/platform/kevin/ecfw/default.nix +++ b/src/platform/kevin/ecfw/default.nix @@ -11,8 +11,6 @@ , ncurses , fetchgit , buildPackages -, ectool -, flashrom-chromebook }: let makeTarget = "build/${boardName}/ec.bin"; @@ -75,72 +73,11 @@ in stdenv.mkDerivation (finalAttrs: { makeTarget ]; - flashEcRw = '' - #!/usr/bin/env bash - set -euo pipefail - - echo - echo "rebooting EC into the RO image..." - ${ectool}/bin/ectool reboot_ec RO - ${ectool}/bin/ectool version | grep 'Firmware copy: RO' - - echo - echo "enabling RO image write protect..." - ${ectool}/bin/ectool flashprotect enable | head -n1 | grep ro_now - ${flashrom-chromebook}/bin/flashrom-chromebook -p ec --wp-status | grep "write protect is enabled" - - echo - echo "writing the RW image..." - ${flashrom-chromebook}/bin/flashrom-chromebook -p ec -i EC_RW -w ${placeholder "out"}/ecfw.bin - ${ectool}/bin/ectool version - - echo - echo "rebooting into the new RW image..." - ${ectool}/bin/ectool reboot_ec RW - sleep 2 - ${ectool}/bin/ectool version - ${ectool}/bin/ectool version | grep 'Firmware copy: RW' - ''; - - flashEcRo = '' - #!/usr/bin/env bash - set -euo pipefail - - echo - echo "making sure you are in the RW image before flashing the RO..." - ${ectool}/bin/ectool version | grep 'Firmware copy: RW' - - echo - echo "disabling RO image write protect..." - ${ectool}/bin/ectool flashprotect disable - ${flashrom-chromebook}/bin/flashrom-chromebook -p ec --wp-status | grep "write protect is disabled" - - echo - echo "writing the RO image..." - ${flashrom-chromebook}/bin/flashrom-chromebook -p ec -i EC_RO -w ${placeholder "out"}/ecfw.bin - ${ectool}/bin/ectool version - - echo - echo "rebooting into the new RO image..." - ${ectool}/bin/ectool reboot_ec RO - sleep 2 - ${ectool}/bin/ectool version - ${ectool}/bin/ectool version | grep 'Firmware copy: RO' - - echo - echo "re-enabling RO image write protect..." - ${ectool}/bin/ectool flashprotect enable - ${flashrom-chromebook}/bin/flashrom-chromebook -p ec --wp-status | grep "write protect is enabled" - ''; - - passAsFile = [ "getVersion" "flashEcRo" "flashEcRw" ]; + passAsFile = [ "getVersion" ]; installPhase = '' mkdir -p $out/bin mv ${makeTarget} $out/ecfw.bin - cp $flashEcRoPath $out/bin/flash-ec-ro.sh - cp $flashEcRwPath $out/bin/flash-ec-rw.sh - chmod +x $out/bin/flash-ec-ro.sh $out/bin/flash-ec-rw.sh ''; meta = with lib; { diff --git a/src/platform/kevin/ecfw/scripts.nix b/src/platform/kevin/ecfw/scripts.nix new file mode 100644 index 0000000..f2ec8a0 --- /dev/null +++ b/src/platform/kevin/ecfw/scripts.nix @@ -0,0 +1,81 @@ +{ stdenv +, lib +, runtimeShell +, ecfw +, ectool +, flashrom-chromebook +}: + +stdenv.mkDerivation { + pname = "ecfw-scripts"; + inherit (ecfw) version; + + flashEcRw = '' + #!${runtimeShell} + set -euo pipefail + + echo + echo "rebooting EC into the RO image..." + ${ectool}/bin/ectool reboot_ec RO + sleep 2 + ${ectool}/bin/ectool version | grep 'Firmware copy: RO' + + echo + echo "enabling RO image write protect..." + ${ectool}/bin/ectool flashprotect enable | head -n1 | grep ro_now + ${flashrom-chromebook}/bin/flashrom-chromebook -p ec --wp-status | grep "write protect is enabled" + + echo + echo "writing the RW image..." + ${flashrom-chromebook}/bin/flashrom-chromebook -p ec -i EC_RW -w ${ecfw}/ecfw.bin + ${ectool}/bin/ectool version + + echo + echo "rebooting into the new RW image..." + ${ectool}/bin/ectool reboot_ec RW + sleep 2 + ${ectool}/bin/ectool version + ${ectool}/bin/ectool version | grep 'Firmware copy: RW' + ''; + + flashEcRo = '' + #!${runtimeShell} + set -euo pipefail + + echo + echo "making sure you are in the RW image before flashing the RO..." + ${ectool}/bin/ectool version | grep 'Firmware copy: RW' + + echo + echo "disabling RO image write protect..." + ${ectool}/bin/ectool flashprotect disable + ${flashrom-chromebook}/bin/flashrom-chromebook -p ec --wp-status | grep "write protect is disabled" + + echo + echo "writing the RO image..." + ${flashrom-chromebook}/bin/flashrom-chromebook -p ec -i EC_RO -w ${ecfw}/ecfw.bin + ${ectool}/bin/ectool version + + echo + echo "rebooting into the new RO image..." + ${ectool}/bin/ectool reboot_ec RO + sleep 2 + ${ectool}/bin/ectool version + ${ectool}/bin/ectool version | grep 'Firmware copy: RO' + + echo + echo "re-enabling RO image write protect..." + ${ectool}/bin/ectool flashprotect enable + ${flashrom-chromebook}/bin/flashrom-chromebook -p ec --wp-status | grep "write protect is enabled" + ''; + + dontUnpack = true; + dontBuild = true; + passAsFile = [ "flashEcRo" "flashEcRw" ]; + installPhase = '' + mkdir -p $out/bin + cp $flashEcRoPath $out/bin/flash-ec-ro.sh + cp $flashEcRwPath $out/bin/flash-ec-rw.sh + chmod +x $out/bin/flash-ec-ro.sh $out/bin/flash-ec-rw.sh + ''; +}