diff --git a/x230/README.md b/x230/README.md index 4fff565..582c67a 100644 --- a/x230/README.md +++ b/x230/README.md @@ -212,11 +212,15 @@ this is very dangerous: ## Moving to Heads [Heads](http://osresearch.net/) is an alternative BIOS system with advanced -security features. When having Skulls installed, installing Heads should be -as easy as updating Skulls. +security features. When having Skulls installed, installing Heads is +as easy as updating Skulls: -TODO +* build Heads or get a trusted image file: the 12M image in `build/x230/coreboot.rom` +* copy it into the Skulls x230 directory +* run `sudo ./x230_heads.sh` +That's it. Please read the [Heads documentation](http://osresearch.net/) for +how to use it. ## Why does this work? On the X230, there are 2 physical "BIOS" chips. The "upper" 4MB diff --git a/x230/x230_heads.sh b/x230/x230_heads.sh new file mode 100755 index 0000000..0c6a676 --- /dev/null +++ b/x230/x230_heads.sh @@ -0,0 +1,121 @@ +#!/bin/bash +# SPDX-License-Identifier: GPL-3.0+ +# Copyright (C) 2018, Martin Kepplinger +RED='\033[0;31m' +GREEN='\033[0;32m' +NC='\033[0m' + +set -e +have_input_image=0 + +usage() +{ + echo "Skulls for the X230" + echo " Run this script on the X230 directly." + echo " It installs Heads, see http://osresearch.net" + echo " Make sure you booted Linux with iomem=relaxed" + echo "" + echo "Usage: $0 -i .rom" +} + +args=$(getopt -o i:h -- "$@") +if [ $? -ne 0 ] ; then + usage + exit 1 +fi + +eval set -- "$args" +while [ $# -gt 0 ] +do + case "$1" in + -i) + INPUT_IMAGE_PATH=$2 + have_input_image=1 + shift + ;; + -h) + usage + exit 1 + ;; + --) + shift + break + ;; + *) + echo "Invalid option: $1" + exit 1 + ;; + esac + shift +done + +if [ ! "$have_input_image" -gt 0 ] ; then + image_available=$(ls -1 | grep rom || true) + if [ -z "${image_available}" ] ; then + echo "No image file found. Please add -i " + echo "" + usage + exit 1 + fi + + prompt="file not specified. Please select a file to flash:" + options=( $(find -maxdepth 1 -name "*rom" -print0 | xargs -0) ) + + PS3="$prompt " + select INPUT_IMAGE_PATH in "${options[@]}" "Quit" ; do + if (( REPLY == 1 + ${#options[@]} )) ; then + exit + + elif (( REPLY > 0 && REPLY <= ${#options[@]} )) ; then + echo "You picked $INPUT_IMAGE_PATH which is file $REPLY" + break + + else + echo "Invalid option. Try another one." + fi + done +fi + + +OUTPUT_PATH=output +INPUT_IMAGE_NAME=$(basename ${INPUT_IMAGE_PATH}) +OUTPUT_IMAGE_NAME=${INPUT_IMAGE_NAME%%.*}_prepared.rom +OUTPUT_IMAGE_PATH=${OUTPUT_PATH}/${OUTPUT_IMAGE_NAME} + +echo -e "creating ${GREEN}${OUTPUT_IMAGE_PATH}${NC} from ${INPUT_IMAGE_NAME}" + + +input_filesize=$(wc -c <"$INPUT_IMAGE_PATH") +reference_filesize=12582912 +if [ ! "$input_filesize" -eq "$reference_filesize" ] ; then + echo "Error: input file must be 12MB of size" + exit 1 +fi + +rm -rf ${OUTPUT_PATH} +mkdir ${OUTPUT_PATH} + +cp ${INPUT_IMAGE_PATH} ${OUTPUT_IMAGE_PATH} +LAYOUT_FILENAME="x230-layout-heads.txt" + +echo "0x00000000:0x00000fff ifd" > ${OUTPUT_PATH}/${LAYOUT_FILENAME} +echo "0x00001000:0x00002fff gbe" >> ${OUTPUT_PATH}/${LAYOUT_FILENAME} +echo "0x00003000:0x004fffff me" >> ${OUTPUT_PATH}/${LAYOUT_FILENAME} +echo "0x00500000:0x00bfffff bios" >> ${OUTPUT_PATH}/${LAYOUT_FILENAME} + +echo "---------------------------------------------------------" +echo -e "${RED}CAUTION: internal flashing is NOT encouraged${NC}" +echo "" +echo "prepared files for internal flashing in output directory." +echo "template flashrom command (please adapt the chip name) :" +echo "" +echo -e "${GREEN}cd output${NC}" +echo -e "${GREEN}flashrom -p internal --layout ${LAYOUT_FILENAME} --image bios -w ${OUTPUT_IMAGE_NAME}${NC}" +while true; do + read -p "Do you wish to run this now? y/N: " yn + case $yn in + [Yy]* ) cd output && flashrom -p internal --layout ${LAYOUT_FILENAME} --image bios -w ${OUTPUT_IMAGE_NAME}; break;; + [Nn]* ) exit;; + * ) exit;; + esac +done