Review real.clean global Makefile target which deletes coreboot 3rdparty dir

[paulmenzel]

On a custom distribution, the coreboot build fails due to missing vboot headers.

$ git log --oneline --no-decorate -1
15c4bf9 config/coreboot-qemu-tpm2.config: Disable CCACHE
$ make PATH="/dev/shm/heads/install/x86/bin:$PATH" BOARD=qemu-coreboot-fbwhiptail-tpm2-hotp
[…]
2023-08-16 14:34:37+02:00 CPIO-XZ   build/x86/qemu-coreboot-fbwhiptail-tpm2-hotp/initrd.cpio.xz
4126cdf615bf8c085cffef0cefe46e0e0ccc25d68d06e76190384a4913e71ff2  build/x86/qemu-coreboot-fbwhiptail-tpm2-hotp/initrd.cpio.xz
 5794304:build/x86/qemu-coreboot-fbwhiptail-tpm2-hotp/initrd.cpio.xz
2023-08-16 14:34:45+02:00 MAKE coreboot
tail /dev/shm/heads/build/x86/log/coreboot.log
-----
                 from /dev/shm/heads/build/x86/coreboot-4.19/util/cbfstool/cbfstool.c:11:
/dev/shm/heads/build/x86/coreboot-4.19/src/commonlib/bsd/include/commonlib/bsd/cbfs_serialized.h:7:10: fatal error: vb2_sha.h: No such file or directory
    7 | #include <vb2_sha.h>
      |          ^~~~~~~~~~~
compilation terminated.
In file included from /dev/shm/heads/build/x86/coreboot-4.19/util/cbfstool/common.h:12,
                 from /dev/shm/heads/build/x86/coreboot-4.19/util/cbfstool/elfparsing.h:7,   
                 from /dev/shm/heads/build/x86/coreboot-4.19/util/cbfstool/cbfs-mkstage.c:8: 
/dev/shm/heads/build/x86/coreboot-4.19/src/commonlib/bsd/include/commonlib/bsd/cbfs_serialized.h:7:10: fatal error: vb2_sha.h: No such file or directory
    7 | #include <vb2_sha.h>
      |          ^~~~~~~~~~~
compilation terminated.
make[1]: *** [util/cbfstool/Makefile.inc:170: qemu-coreboot-fbwhiptail-tpm2-hotp/util/cbfstool/xdr.o] Error 1
make[1]: *** [util/cbfstool/Makefile.inc:170: qemu-coreboot-fbwhiptail-tpm2-hotp/util/cbfstool/cbfstool.o] Error 1
make[1]: *** [util/cbfstool/Makefile.inc:170: qemu-coreboot-fbwhiptail-tpm2-hotp/util/cbfstool/cbfs-mkstage.o] Error 1
#
# No change to /dev/shm/heads/build/x86/coreboot-4.19/qemu-coreboot-fbwhiptail-tpm2-hotp/.config
#
qemu-coreboot-fbwhiptail-tpm2-hotp/auto.conf:1568:notice: override: reassigning to symbol LAPIC_ACCESS_MODE
make[1]: Leaving directory '/dev/shm/heads/build/x86/coreboot-4.19'
make: *** [Makefile:461: /dev/shm/heads/build/x86/coreboot-4.19/qemu-coreboot-fbwhiptail-tpm2-hotp/.build] Error 1

Full log: build/x86/log/coreboot.log

 $ find . -iname vb2_sha.h
 $

How should the submodules be retrieved?

[tlaurion]

@paulmenzel once again confused here, since this is not happening on debian-12/debian-11 distribution and where coreboot-4.19 tarball + coreboot-19-blobs tarball are downloaded and extracted as part of the first steps of a clean build and where linux headers are deployed under install also really early on a board build.

This doesn't seem to be linked to custom linux though, but something hacked around locally in your build dir.

user@heads-tests-deb12:~/heads$ find . -iname vb2_sha.h
./build/x86/coreboot-4.11/3rdparty/vboot/firmware/include/vb2_sha.h
./build/x86/coreboot-git/3rdparty/vboot/firmware/include/vb2_sha.h
./build/x86/coreboot-nitrokey/3rdparty/vboot/firmware/include/vb2_sha.h
./build/x86/coreboot-4.17/3rdparty/vboot/firmware/include/vb2_sha.h
./build/x86/coreboot-4.18/3rdparty/vboot/firmware/include/vb2_sha.h
./build/x86/coreboot-4.19/3rdparty/vboot/firmware/include/vb2_sha.h
./build/x86/coreboot-4.13/3rdparty/vboot/firmware/include/vb2_sha.h

Cannot replicate. Let's clear that up without requiring real.clean:

mkdir -p /tmp/test
cd /tmp/test
tar Jxvf ~/heads/packages/x86/coreboot-4.19.tar.xz
find . -iname vb2_sha.h
./coreboot-4.19/3rdparty/vboot/firmware/include/vb2_sha.h

I would suggest hacking Heads buildsystem to have tarball verif + decompression + patching + build rehappening on local build cache:

user@heads-tests-deb12:~/heads$ rm packages/x86/.coreboot-4.19*_verify
user@heads-tests-deb12:~/heads$ make BOARD=qemu-coreboot-fbwhiptail-tpm2
echo "65ccb2f46535b996e0066a1b76f81c8cf1ff3e27df84b3f97d8ad7b3e7cf0a43  /home/user/heads/packages/x86/coreboot-4.19.tar.xz" | sha256sum --check -
/home/user/heads/packages/x86/coreboot-4.19.tar.xz: OK
mkdir -p "/home/user/heads/build/x86/coreboot-4.19/"
tar -xf "/home/user/heads/packages/x86/coreboot-4.19.tar.xz" --strip 1 -C "/home/user/heads/build/x86/coreboot-4.19/"
if [ -r patches/coreboot-4.19.patch ]; then ( git apply --verbose --reject --binary --directory build/x86/coreboot-4.19 ) < patches/coreboot-4.19.patch || exit 1 ; fi
if [ -d patches/coreboot-4.19 ] && [ -r patches/coreboot-4.19 ] ; then for patch in patches/coreboot-4.19/*.patch ; do echo "Applying patch file : $patch " ; ( git apply --verbose --reject --binary --directory build/x86/coreboot-4.19 ) < $patch || exit 1 ; done ; fi
Applying patch file : patches/coreboot-4.19/0001-x230-fhd-variant.patch 
Checking patch build/x86/coreboot-4.19/src/mainboard/lenovo/x230/Kconfig...
Checking patch build/x86/coreboot-4.19/src/mainboard/lenovo/x230/Kconfig.name...
Checking patch build/x86/coreboot-4.19/src/mainboard/lenovo/x230/Makefile.inc...
Checking patch build/x86/coreboot-4.19/src/mainboard/lenovo/x230/variants/x230_edp/data.vbt...
error: build/x86/coreboot-4.19/src/mainboard/lenovo/x230/variants/x230_edp/data.vbt: already exists in working directory
Checking patch build/x86/coreboot-4.19/src/mainboard/lenovo/x230/variants/x230_edp/gma-mainboard.ads...
error: build/x86/coreboot-4.19/src/mainboard/lenovo/x230/variants/x230_edp/gma-mainboard.ads: already exists in working directory
Applied patch build/x86/coreboot-4.19/src/mainboard/lenovo/x230/Kconfig cleanly.
Applied patch build/x86/coreboot-4.19/src/mainboard/lenovo/x230/Kconfig.name cleanly.
Applied patch build/x86/coreboot-4.19/src/mainboard/lenovo/x230/Makefile.inc cleanly.
make: *** [Makefile:468: /home/user/heads/build/x86/coreboot-4.19/.canary] Error 1

Which will fail because 4.19 patches create files (edp) which you need to delete:

user@heads-tests-deb12:~/heads$ rm build/x86/coreboot-4.19/src/mainboard/lenovo/x230/variants/x230_edp/data.vbt build/x86/coreboot-4.19/src/mainboard/lenovo/x230/variants/x230_edp/gma-mainboard.ads
user@heads-tests-deb12:~/heads$ make BOARD=qemu-coreboot-fbwhiptail-tpm2
mkdir -p "/home/user/heads/build/x86/coreboot-4.19/"
tar -xf "/home/user/heads/packages/x86/coreboot-4.19.tar.xz" --strip 1 -C "/home/user/heads/build/x86/coreboot-4.19/"
if [ -r patches/coreboot-4.19.patch ]; then ( git apply --verbose --reject --binary --directory build/x86/coreboot-4.19 ) < patches/coreboot-4.19.patch || exit 1 ; fi
if [ -d patches/coreboot-4.19 ] && [ -r patches/coreboot-4.19 ] ; then for patch in patches/coreboot-4.19/*.patch ; do echo "Applying patch file : $patch " ; ( git apply --verbose --reject --binary --directory build/x86/coreboot-4.19 ) < $patch || exit 1 ; done ; fi
Applying patch file : patches/coreboot-4.19/0001-x230-fhd-variant.patch 
Checking patch build/x86/coreboot-4.19/src/mainboard/lenovo/x230/Kconfig...
Checking patch build/x86/coreboot-4.19/src/mainboard/lenovo/x230/Kconfig.name...
Checking patch build/x86/coreboot-4.19/src/mainboard/lenovo/x230/Makefile.inc...
Checking patch build/x86/coreboot-4.19/src/mainboard/lenovo/x230/variants/x230_edp/data.vbt...
Checking patch build/x86/coreboot-4.19/src/mainboard/lenovo/x230/variants/x230_edp/gma-mainboard.ads...
Applied patch build/x86/coreboot-4.19/src/mainboard/lenovo/x230/Kconfig cleanly.
Applied patch build/x86/coreboot-4.19/src/mainboard/lenovo/x230/Kconfig.name cleanly.
Applied patch build/x86/coreboot-4.19/src/mainboard/lenovo/x230/Makefile.inc cleanly.
Applied patch build/x86/coreboot-4.19/src/mainboard/lenovo/x230/variants/x230_edp/data.vbt cleanly.
Applied patch build/x86/coreboot-4.19/src/mainboard/lenovo/x230/variants/x230_edp/gma-mainboard.ads cleanly.
Applying patch file : patches/coreboot-4.19/0002-libgfxinit-center_bootsplash_on_bigger_framebuffers.patch 
Checking patch build/x86/coreboot-4.19/src/include/bootsplash.h...
Checking patch build/x86/coreboot-4.19/src/lib/bootsplash.c...
Checking patch build/x86/coreboot-4.19/src/lib/coreboot_table.c...
Hunk #1 succeeded at 154 (offset -1 lines).
Checking patch build/x86/coreboot-4.19/src/lib/jpeg.c...
Checking patch build/x86/coreboot-4.19/src/lib/jpeg.h...
Checking patch build/x86/coreboot-4.19/util/fuzz-tests/jpeg-test.c...
Applied patch build/x86/coreboot-4.19/src/include/bootsplash.h cleanly.
Applied patch build/x86/coreboot-4.19/src/lib/bootsplash.c cleanly.
Applied patch build/x86/coreboot-4.19/src/lib/coreboot_table.c cleanly.
Applied patch build/x86/coreboot-4.19/src/lib/jpeg.c cleanly.
Applied patch build/x86/coreboot-4.19/src/lib/jpeg.h cleanly.
Applied patch build/x86/coreboot-4.19/util/fuzz-tests/jpeg-test.c cleanly.
Applying patch file : patches/coreboot-4.19/0003-linux_trampoline-handle_coreboot_framebuffer.patch 
Checking patch build/x86/coreboot-4.19/util/cbfstool/linux_trampoline.S...
Checking patch build/x86/coreboot-4.19/util/cbfstool/linux_trampoline.c...
Applied patch build/x86/coreboot-4.19/util/cbfstool/linux_trampoline.S cleanly.
Applied patch build/x86/coreboot-4.19/util/cbfstool/linux_trampoline.c cleanly.
Applying patch file : patches/coreboot-4.19/0004-bootsplash-Add_ImageMagick_voodoo.patch 
Checking patch build/x86/coreboot-4.19/Makefile.inc...
Hunk #1 succeeded at 335 (offset -22 lines).
Hunk #2 succeeded at 1248 (offset -51 lines).
Checking patch build/x86/coreboot-4.19/src/Kconfig...
Hunk #1 succeeded at 436 (offset -11 lines).
Hunk #2 succeeded at 1459 (offset -30 lines).
Applied patch build/x86/coreboot-4.19/Makefile.inc cleanly.
Applied patch build/x86/coreboot-4.19/src/Kconfig cleanly.
make -C "/home/user/heads/build/x86/coreboot-4.19" CPUS=2 "crossgcc-i386"
make[1]: Entering directory '/home/user/heads/build/x86/coreboot-4.19'
Welcome to the coreboot cross toolchain builder v_ 

Building toolchain using 2 thread(s).

Target architecture is i386-elf

Found compatible Ada compiler, enabling Ada support by default.

Downloading and verifying tarballs ...
 * gmp-6.2.1.tar.xz (cached)... hash verified (0578d48607ec0e272177d175fd1807c30b00fdf2)
 * mpfr-4.1.1.tar.xz (cached)... hash verified (2355e921d6c97c898cfe7a57dd7e72725f1fded4)
 * mpc-1.2.1.tar.gz (cached)... hash verified (2a4919abf445c6eda4e120cd669b8733ce337227)
 * binutils-2.37.tar.xz (cached)... hash verified (e9cf391b000010d6c752771974b394c9c743c928)
 * gcc-11.2.0.tar.xz (cached)... ^CStop
make[3]: *** [Makefile:20: build_gcc] Error 1
make[2]: *** [Makefile:36: build-i386] Interrupt
make[1]: *** [util/crossgcc/Makefile.inc:32: crossgcc-i386] Interrupt
make: *** [modules/coreboot:144: /home/user/heads/build/x86/coreboot-4.19/.heads-toolchain] Interrupt

At which point I would not understand why the file would be missing:

user@heads-tests-deb12:~/heads$ find build/x86/coreboot-4.19 -iname vb2_sha.h
build/x86/coreboot-4.19/3rdparty/vboot/firmware/include/vb2_sha.h
^C

[paulmenzel]

$ ls ./build/x86/coreboot-4.19/3rdparty/
Makefile  amd_blobs  blobs  fsp  intel-microcode  qc_blobs
$ md5sum packages/x86/coreboot-4.19.tar.xz
10a705f89d95fb3594adff786a53c8ea  packages/x86/coreboot-4.19.tar.xz
$ tar -list -f packages/x86/coreboot-4.19.tar.xz | grep vb2_sha.h
coreboot-4.19/3rdparty/vboot/firmware/include/vb2_sha.h

But real.clean removes the directory build/x86/coreboot-4.19/3rdparty, so that is the problem:

$ make BOARD=qemu-coreboot-fbwhiptail-tpm2-hotp real.clean
for dir in \
        qemu-coreboot-fbwhiptail-tpm2-hotp bash-5.1.16 busybox-1.33.2 cairo-1.14.12 coreboot-4.19/qemu-coreboot-fbwhiptail-tpm2-hotp coreboot-4.19/3rdparty cryptsetup-2.3.3 dropbear-2016.74 fbwhiptail-1b3ee5ca1e297a977d9ebab49df942c51d619ecd flashrom-1776bb46ba6ea3d1ab2ec3f0cd88158aabed7400 flashtools-d1e6f12568cb23387144a4b7a6535fe1bc1e79b1 gnupg-2.4.0 hotp-verification-b2b924eabd4d713f73bfaa298cc4c759421caf8f hotp-verification-b2b924eabd4d713f73bfaa298cc4c759421caf8f/hidapi json-c-0.14 kexec-tools-2.0.26 libassuan-2.5.5 libgcrypt-1.10.1 libgpg-error-1.46 libksba-1.6.3 libpng-1.6.34 libusb-1.0.21 libusb-compat-0.1.5 linux-5.10.5/linux-qemu lvm2.2.02.168 mbedtls-2.4.2 msrtools-572ef8a2b873eda15a322daa48861140a078b92c npth-1.6 openssl-3.0.8 pciutils-3.5.4 pinentry-1.1.0 pixman-0.34.0 popt-1.16 qrencode-3.4.4 tpm2-tools-5.2 tpm2-tss-3.2.0 tpmtotp-4d63d21c8b7db2e92ddb393057f168aead147f47 util-linux-2.29.2 zlib-1.2.11 \
         \
; do \
        if [ ! -z "$dir" ]; then \
                rm -rf "build/x86/$dir"; \
        fi; \
done
cd install && rm -rf -- *

[paulmenzel]

So after make BOARD=qemu-coreboot-fbwhiptail-tpm2-hotp real.clean doing rm -rf build/x86/coreboot-4.19/, and then building the board again got me build/x86/coreboot-4.19/qemu-coreboot-fbwhiptail-tpm2-hotp/coreboot.rom.

[tlaurion]

@paulmenzel awesome. Will keep that open to clarify what should be the proper handling of coreboot's 3rdparty directory from real.clean global Makefile helper.

---

What I normally do in testing is outlined under board config md file, as detailed as referred https://osresearch.net/Emulating-Heads/#comprehensive-test

On a daily development cycle, usage looks like:

• make BOARD=qemu-coreboot-fbwhiptail-tpm1 PUBKEY_ASC=~/pub_key_counterpart_of_usb_dongle.asc USB_TOKEN=NitrokeyStorage ROOT_DISK_IMG=~/heads/build/x86/qemu-coreboot-fbwhiptail-tpm1-hotp/root.qcow2 inject_gpg
• make BOARD=qemu-coreboot-fbwhiptail-tpm1 PUBKEY_ASC=~/pub_key_counterpart_of_usb_dongle.asc USB_TOKEN=NitrokeyStorage ROOT_DISK_IMG=~/heads/build/x86/qemu-coreboot-fbwhiptail-tpm1-hotp/root.qcow2 run

ROOT_DISK_IMG being specified because I reuse the same raw disk and specify its path. This takes for granted you have swtpm on your OS already deployed, and use a NitrokeyPro/NitrokeyStorage/LibremKey that needs to be passed through USB_TOKEN= to be passed through to qemu with embedded device and product id, hardcoded in the board config Makefiles.

If you have any recommendation in the found issues related, don't hesitate to do Pull Requests. Finding issues is nice. Fixing them is awesome. Welcome to qemu boards, which on master are now propelled by bochs native graphic init in coreboot + efifb patches and efifb in linux kernel with fbwhiptail dealing properly with exposed fb.