it's still outputting to a file, with an error handle
there, but use of x_ on the sha512sum command itself
adds further assurance of reliability.
Signed-off-by: Leah Rowe <leah@libreboot.org>
use the new functionality in err(), whereby a given
function name and arguments can be provided, for
debugging purposes.
something similar was already done in a few places,
and replaced with this unified functionality.
this patch will make xbmk much easier to debug, under
fault conditions.
Signed-off-by: Leah Rowe <leah@libreboot.org>
if more than one argument is provided, it is interpreted
as a command, and the command is outputted.
this means that now for example, where you have:
ls -l foo | err "could not list directory"
you could do:
ls -l foo | err "could not list directory" "$@"
this would show all the arguments given to the calling
function that tried to run "ls"
let's say that function was called bar, you might do:
ls -l foo | err "could not list directory" bar "$@"
right now, it's not easy to provide good debug info
where err is used, unless it was called with x_, which
provides the command/arguments that was bugging out.
with this, we now have an easy and readable/maintainable
way to do the same thing everywhere in xbmk.
this will now be done, in a follow-up commit.
Signed-off-by: Leah Rowe <leah@libreboot.org>
otherwise, some files from a previous me.bin scan
might still be there, which could lead to the wrong
me.bin being found.
Signed-off-by: Leah Rowe <leah@libreboot.org>
the newer way handles escaped characters better, and it
can be nested more easily. it's also more readable.
personally, i prefer the old way, because it's more
minimalist, but it occurs to me that a lot of people
nowadays don't know about backticks, but they do know
of the modern way.
to make the code more readable, i have modernised it.
Signed-off-by: Leah Rowe <leah@libreboot.org>
you can still remove it with the -f flag on rm, but
xbmk only does that on exit from the main parent
instance, or after each build stage in release.sh
because of this, the user could still manually override
the lock file; this would cause running instances of lbmk
to restart wrongly as parent instances.
there's no way to fix any of this, but users don't normally
put -f in their rm commands.
however, this is also a preventative bug fix. if a bug
is ever caused in the future, where the lock file is
created erroneously, the write protection will prevent that,
so long as *it* is still done.
Signed-off-by: Leah Rowe <leah@libreboot.org>
do away with redundant variable "vendir"
the "appdir" directory is for files extracted from
vendor updates, which are then further processed to
create the real files that we need, such as me.bin
images processed via me_cleaner.
thus, appdir should go in xbtmp.
the appdir currently clutters vendorfiles/, which is
not ideal.
we want it to be that the vendorfiles/ directory only
contains the final firmwares.
Signed-off-by: Leah Rowe <leah@libreboot.org>
e.g. gnupath, xbmkpath
these currently go in XBMK_CACHE/, which is bad
because they're meant to be temporary.
XBMK_CACHE is for permanent files.
Signed-off-by: Leah Rowe <leah@libreboot.org>
We currently use GNU-only options in the date command,
when initialising a Git repository.
This isn't a problem in practise, on non-GNU implementations
if not initialising a Git repository, because it's only
used in that situation.
In practise, only those systems with GNU coreutils and libc
are used to compile releases, so this is OK for me at least.
Future portability improvements will correct the issue, and
then this error check can be removed.
Signed-off-by: Leah Rowe <leah@libreboot.org>
the release functions in release.sh rely on the
version string *not* being a path containing slashes.
just a single string e.g. "foo", not e.g. "foo/bar"
this is because several checks there make that
assumption. in practise, we always ensure that tags
and such do not contain these characters.
however, someone else working on their own version
of xbmk might not know of this design flaw, so let's
try to correct it in code.
we can add more filtering as designed, in the relevant
function (xbmk_sanitize_version).
Signed-off-by: Leah Rowe <leah@libreboot.org>
XBMK_CACHE is meant for permanent cached files, not
temporarily files.
the temporary release files are copied upon successful
return, to their rightful place under release/
this new change also reduces the chance of race
conditions, if multiple xbmk instances are used; while
not yet supported as a use-case, this is a goal for a
future design change.
Signed-off-by: Leah Rowe <leah@libreboot.org>
similar to the previous failed patch, which tried to
also generate it each time, but that led to issues.
this version of the same change merely maintains the
current hardcoding logic, while putting it in xbtmp.
that way, it's more robustly cleared upon exit from
the parent instance of xbmk.
this also reduces the chance of race conditions,
since it's in a unique place each time, rather than
going in XBMK_CACHE.
Signed-off-by: Leah Rowe <leah@libreboot.org>
i added a stricter check recently, but this broke
extraction on fresh lbmk clones, tested when doing
a release-build test.
loosen it up again, but only for find_me
Signed-off-by: Leah Rowe <leah@libreboot.org>
this removes the current hackiness, preventing
build errors since xbtmp is now based on xbmkpwd,
which changes when we're in the release dir.
XBMK_RELEASE is still set accordingly, so this
will still work the same way.
this is also cleaner in general.
XBMK_CACHE is still the same, so the release work
directory still re-uses files from the main work
directory, rather than re-creating them.
Signed-off-by: Leah Rowe <leah@libreboot.org>
this is because when using chained commands at the end
of functions, sometimes you have to explicitly terminate
the line.
the way i do it in this patch is common across the
build system, to mitigate this sh quirk.
Signed-off-by: Leah Rowe <leah@libreboot.org>
and generate them, don't hardcode them - this reduces
the chance of race conditions, which we have seen in
the past and which current execution flow in xbmk even
mitigates in a few places, by doing things in a certain
order.
this change makes the code more robust and easier to
maintain.
Signed-off-by: Leah Rowe <leah@libreboot.org>
we no longer separate them. xbloc was the on-disk
tmp directory, whereas xbtmp used to be in /tmp
which we assumed to be tmpfs (it may not be, but
often is on many workstation setups - and our
documentation recommended doing this).
as mentioned in the previous commit, benchmarking
shows little speed difference using tmpfs /tmp
versus on-disk /tmp, for our purposes at least.
therefore, the handling of tmp files is being
greatly simplified.
Signed-off-by: Leah Rowe <leah@libreboot.org>
This way, all operations will be done inside the xbmk
work directory. This is being done, so that I can then
reliably sandybox certain commands in future commits,
for example the "rm" command.
This will also allow me to unify the location of all
temporary files, in future commits. I previously used
the /tmp directory because it's tmpfs-based on many
setups, and this is great for performance. However, in
practise, I never noticed any difference in performance
when benchmarking it (testing /tmp on-disk versus tmpfs).
Signed-off-by: Leah Rowe <leah@libreboot.org>
this lets you change the directory for outputted
release files, versus the default "release" directory.
this code is buggy, because it could let you overwrite
a part of xbmk or worse - and checking for such bad
usage would require a lot more code.
knobs are for nobs.
Signed-off-by: Leah Rowe <leah@libreboot.org>
the actual code works fine, but it's quite hacky.
there are times when use of eval is acceptable; this
is not one of those times, but i'd used it in this
instance when i was being a bit crazy about code size
reductions during my audits.
Signed-off-by: Leah Rowe <leah@libreboot.org>
setting a variable in this way will never result in
an error. this is a relic from a prior re-factoring
versus older versions of the code.
Signed-off-by: Leah Rowe <leah@libreboot.org>
we need to copy the main lock file, rather than creating
a new, empty one. this is because the new lock file
handling requires it, and the release lock file will
be used during release builds.
Signed-off-by: Leah Rowe <leah@libreboot.org>
set - as soon as possible, for example in the extract_me
function.
we only turn off error handling when certain error-prone
tasks are performed, and mitigations are in place after
these commands run to make sure that the result was valid.
this is because in some cases, we want certain buggy behaviours
to be permitted, with errors handled in a more fine-tuned way,
because sh can sometimes be much stricter depending on the
implementation; otherwise, we almost always rely on -e -u in
most of the build system.
this mainly affects the vendorfile insertion logic.
Signed-off-by: Leah Rowe <leah@libreboot.org>
this is a general function that sets variables,
but there are many types of variables to be set.
rather than have all the logic inside this function,
handle it in subfunctions called by xbmk_set_env.
Signed-off-by: Leah Rowe <leah@libreboot.org>
we don't need these anymore, because we now know
whether or not the lock file exists in these cases.
this is because child/parent instance determination
is now done based on the presence of that file, rather
than how TMPDIR is set; and TMPDIR is now set accordingly,
via more robust logic as in previous patching.
Signed-off-by: Leah Rowe <leah@libreboot.org>
it is extremely unlikely to occur, but this patch reduces
the likelihood even further. that unlikely occurance is:
when creating a TMPDIR, it's possible that it was already
created before. this is OK on child instances, where that
is the intended behaviour (unified TMPDIR), but not for
parent instances.
Signed-off-by: Leah Rowe <leah@libreboot.org>
we previously checked whether xbmk was running a child
instance, based on the initialisation of TMPDIR, but
this relied on unreliable string substitutions, which
could not be made inherently reliable. there were also
no checks on whether the given TMPDIR, even if correct,
was a directory or whether it was a symlink; there were
also no checks on whether it changed.
now with this change, child instances are detected by
the presence of the lock file. the parent instance
writes the generated TMPDIR location in that file, and
this is checked again in the child instance, to ensure
that the TMPDIR didn't change; it also errors out if
the TMPDIR doesn't exist or if it is a symlink.
Signed-off-by: Leah Rowe <leah@libreboot.org>
for the grep command, we must ensure that errors are
suppressed *BEFORE* outputting to a file. depending
on the sh implementation, the previous code might
have begun outputting to a file before suppressing
errors.
Signed-off-by: Leah Rowe <leah@libreboot.org>
