335 lines
11 KiB
Bash
Executable File
335 lines
11 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
#
|
|
# Copyright © 2023 Mike Beaton. All rights reserved.
|
|
# SPDX-License-Identifier: BSD-3-Clause
|
|
#
|
|
# Insert EFI into AMD or Nvidia VBIOS.
|
|
# Tested back to Mac OS X 10.11 El Capitan.
|
|
#
|
|
|
|
usage() {
|
|
echo "Usage: ./${SELFNAME} [args] {rom-file} {efi-file} {out-file}"
|
|
echo "Args:"
|
|
echo " -a : AMD"
|
|
echo " -n : Nvidia"
|
|
echo " -o {GOP offset} : GOP offset (auto-detected if Homebrew grep is installed)"
|
|
echo " Can specify 0x{hex} or {decimal}"
|
|
echo " -t {temp dir} : Specify temporary directory, and keep temp files"
|
|
echo " -m {max size} : Specify VBIOS max size (Nvidia only)"
|
|
echo " (For AMD first 128KB is modified, any remainder is kept)"
|
|
echo "Examples:"
|
|
echo " ./${SELFNAME} -n -o 0xFC00 nv.rom EnableGop.efi nv_mod.rom"
|
|
echo " ./${SELFNAME} -n nv.rom EnableGop.efi nv_mod.rom"
|
|
echo " ./${SELFNAME} -a amd.rom EnableGop.efi amd_mod.rom"
|
|
echo ""
|
|
}
|
|
|
|
SELFNAME="$(/usr/bin/basename "${0}")"
|
|
|
|
commands=(
|
|
"EfiRom"
|
|
"UEFIRomExtract"
|
|
"hexdump"
|
|
"grep"
|
|
)
|
|
|
|
FOUND=1
|
|
for command in "${commands[@]}"; do
|
|
if ! command -v "$command" 1>/dev/null ; then
|
|
echo "${command} not available!"
|
|
FOUND=0
|
|
fi
|
|
done
|
|
|
|
if [ "$FOUND" -eq 0 ] ; then
|
|
exit 1
|
|
fi
|
|
|
|
AMD=0
|
|
AMD_SAFE_SIZE="0x20000"
|
|
NVIDIA_SAFE_SIZE="0x40000"
|
|
GOP_OFFSET="-"
|
|
NVIDIA=0
|
|
POS=0
|
|
TRUNCATE=0
|
|
|
|
while true; do
|
|
if [ "$1" = "-a" ] ; then
|
|
AMD=1
|
|
NVIDIA=0
|
|
shift
|
|
elif [ "$1" = "-n" ] ; then
|
|
AMD=0
|
|
NVIDIA=1
|
|
shift
|
|
elif [ "$1" = "-o" ] ; then
|
|
shift
|
|
if [ "$1" != "" ] && ! [ "${1:0:1}" = "-" ] ; then
|
|
GOP_OFFSET=$1
|
|
shift
|
|
else
|
|
echo "No GOP offset specified" && exit 1
|
|
fi
|
|
elif [ "$1" = "-s" ] ; then # semi-secret option to modify AMD safe size
|
|
shift
|
|
if [ "$1" != "" ] && ! [ "${1:0:1}" = "-" ] ; then
|
|
AMD_SAFE_SIZE=$1
|
|
shift
|
|
else
|
|
echo "No AMD safe size specified" && exit 1
|
|
fi
|
|
elif [ "$1" = "-m" ] ; then
|
|
shift
|
|
if [ "$1" != "" ] && ! [ "${1:0:1}" = "-" ] ; then
|
|
TRUNCATE=1
|
|
TRUNCATE_SIZE=$1
|
|
NVIDIA_SAFE_SIZE=$TRUNCATE_SIZE
|
|
shift
|
|
else
|
|
echo "No max size specified" && exit 1
|
|
fi
|
|
elif [ "$1" = "-t" ] ; then
|
|
shift
|
|
if [ "$1" != "" ] && ! [ "${1:0:1}" = "-" ] ; then
|
|
TEMP_DIR=$1
|
|
shift
|
|
else
|
|
echo "No temp dir specified" && exit 1
|
|
fi
|
|
elif [ "${1:0:1}" = "-" ] ; then
|
|
echo "Unknown option: ${1}" && exit 1
|
|
elif [ "$1" != "" ] ; then
|
|
case "$POS" in
|
|
0 )
|
|
ROM_FILE="$1"
|
|
;;
|
|
1 )
|
|
EFI_FILE="$1"
|
|
;;
|
|
2 )
|
|
OUT_FILE="$1"
|
|
;;
|
|
* )
|
|
echo "Too many filenames specified" && exit 1
|
|
;;
|
|
esac
|
|
POS=$(($POS+1))
|
|
shift
|
|
else
|
|
break
|
|
fi
|
|
done
|
|
|
|
if [ "$ROM_FILE" = "" ] ||
|
|
[ "$EFI_FILE" = "" ] ||
|
|
[ "$OUT_FILE" = "" ] ; then
|
|
usage
|
|
exit 0
|
|
fi
|
|
|
|
if [ "$AMD" -eq 0 ] && [ "$NVIDIA" -eq 0 ] ; then
|
|
echo "Must specify -a or -n" && exit 1
|
|
fi
|
|
|
|
if [ "$AMD" -eq 1 ] && [ "$TRUNCATE" -eq 1 ] ; then
|
|
echo "-m is not valid with -a" && exit 1
|
|
fi
|
|
|
|
if [ "$TEMP_DIR" != "" ] ; then
|
|
mkdir -p "$TEMP_DIR" || exit 1
|
|
tmpdir="$TEMP_DIR"
|
|
else
|
|
# https://unix.stackexchange.com/a/84980/340732
|
|
tmpdir=$(mktemp -d 2>/dev/null || mktemp -d -t 'vbios') || exit 1
|
|
fi
|
|
|
|
ORIGINAL_SIZE=$(stat -f%z "$ROM_FILE") || exit 1
|
|
|
|
if [ "$AMD" -eq 1 ] ; then
|
|
# For AMD we can only modify the first 128KB, anything above 128KB
|
|
# should not be moved, and is not mapped to memory visible by the CPU
|
|
# for loading EFI drivers.
|
|
TRUNCATE=1
|
|
TRUNCATE_SIZE="$AMD_SAFE_SIZE"
|
|
|
|
# Also works, with empty keep_part.rom, in the atypical case where we
|
|
# are provided with only the used part of the ROM below 128KB.
|
|
dd bs=1 if="$ROM_FILE" of="$tmpdir/modify_part.rom" count="$AMD_SAFE_SIZE" 2>/dev/null || exit 1
|
|
dd bs=1 if="$ROM_FILE" of="$tmpdir/keep_part.rom" skip="$AMD_SAFE_SIZE" 2>/dev/null || exit 1
|
|
else
|
|
if [ "$TRUNCATE" -eq 0 ] ; then
|
|
# If original size is a plausible ROM size (exact power of two, 64KB or
|
|
# larger; 64KB chosen partly for neat regexp) treat it as the full available
|
|
# size of the VBIOS chip unless overridden with -m.
|
|
printf '%x' "$ORIGINAL_SIZE" | grep -Eq "^(1|2|4|8)0000+$" && TRUNCATE=1
|
|
if [ "$TRUNCATE" -eq 1 ] ; then
|
|
echo "Detected standard ROM size."
|
|
TRUNCATE_SIZE="$ORIGINAL_SIZE"
|
|
else
|
|
if [ "$ORIGINAL_SIZE" -gt "$((NVIDIA_SAFE_SIZE))" ] ; then
|
|
echo " - File size of ${ORIGINAL_SIZE} bytes must be no more than $((NVIDIA_SAFE_SIZE)) bytes; use -m or check file" && exit 1
|
|
fi
|
|
TRUNCATE=1
|
|
TRUNCATE_SIZE="$NVIDIA_SAFE_SIZE"
|
|
fi
|
|
fi
|
|
|
|
cp "$ROM_FILE" "$tmpdir/modify_part.rom" || exit 1
|
|
fi
|
|
|
|
if [ "$GOP_OFFSET" = "-" ] ; then
|
|
echo "Auto-detecting GOP offset..."
|
|
|
|
# nicer techniques which do not assume nice alignment of what is being searched for do not work on older Mac OS X
|
|
OUTPUT=$(hexdump -C "$tmpdir/modify_part.rom" | grep '55 aa .. .. f1 0e 00 00' | head -1)
|
|
# Make macOS bash to split as expected:
|
|
# shellcheck disable=SC2206
|
|
GOP_ARRAY=($OUTPUT)
|
|
GOP_OFFSET=${GOP_ARRAY[0]}
|
|
if [ "$GOP_OFFSET" != "" ] ; then
|
|
GOP_OFFSET="0x${GOP_OFFSET}"
|
|
GOP_OFFSET=$(($GOP_OFFSET))
|
|
else
|
|
GOP_OFFSET=-1
|
|
fi
|
|
|
|
if [ "$GOP_OFFSET" -eq -1 ] ; then
|
|
echo " - No GOP found in ROM!" && exit 1
|
|
fi
|
|
fi
|
|
|
|
dd bs=1 if="$tmpdir/modify_part.rom" of="$tmpdir/original_first_part.rom" count=$(($GOP_OFFSET)) 2>/dev/null || exit 1
|
|
dd bs=1 if="$tmpdir/modify_part.rom" of="$tmpdir/original_last_part.rom" skip=$(($GOP_OFFSET)) 2>/dev/null || exit 1
|
|
|
|
echo "Compressing EFI using EfiRom..."
|
|
if [ "$AMD" -eq 1 ] ; then
|
|
EfiRom -o "$tmpdir/insert.rom" -ec "$EFI_FILE" -f 0xAAAA -i 0xBBBB -l 0x30000 -p || exit 1
|
|
else
|
|
EfiRom -o "$tmpdir/insert.rom" -ec "$EFI_FILE" -f 0xAAAA -i 0xBBBB -l 0x30000 || exit 1
|
|
fi
|
|
|
|
if [ "$NVIDIA" -eq 1 ] ; then
|
|
dd bs=1 if="$tmpdir/insert.rom" of="$tmpdir/insert_first_part" count=$((0x38)) 2>/dev/null || exit 1
|
|
dd bs=1 if="$tmpdir/insert.rom" of="$tmpdir/insert_last_part" skip=$((0x38)) 2>/dev/null || exit 1
|
|
|
|
# TODO: truncation logic should be fixed for when there is not enough spare padding in output of EfiRom;
|
|
# we currently assume without checking that there is enough space to fit in the NPDE header (if not,
|
|
# script will report failure to verify with UEFIRomExtract below).
|
|
INSERT_SIZE=$(stat -f%z "$tmpdir/insert.rom") || exit 1
|
|
|
|
# Calculate NPDE size from original GOP and add to new image
|
|
EfiImageOffset=$(dd if="$tmpdir/original_last_part.rom" ibs=1 skip=$((0x16)) count=2 2>/dev/null | od -t u4 -An | xargs)
|
|
if [ "$EfiImageOffset" -eq $((0x50)) ] ; then
|
|
NpdeSize=$((0x18))
|
|
elif [ "$EfiImageOffset" -eq $((0x4C)) ] ; then
|
|
NpdeSize=$((0x14))
|
|
elif [ "$EfiImageOffset" -eq $((0x38)) ] ; then
|
|
NpdeSize=0
|
|
else
|
|
# Note: We need at least 0x14 NPDE size for the patch-ups we do below for size and end-marker to make sense
|
|
printf "Unsupported EFI Image Offset 0x%x, cannot calculate NPDE Size!\n" "$EfiImageOffset"
|
|
exit 1
|
|
fi
|
|
fi
|
|
|
|
if [ "$NVIDIA" -eq 1 ] && [ "$NpdeSize" -ne 0 ] ; then
|
|
echo "Adding Nvidia header..."
|
|
|
|
dd bs=1 if="$tmpdir/original_last_part.rom" of="$tmpdir/insert_first_part" skip=$((0x38)) seek=$((0x38)) count="$NpdeSize" 2>/dev/null || exit 1
|
|
cat "$tmpdir/insert_first_part" "$tmpdir/insert_last_part" > "$tmpdir/insert_oversize.rom" || exit 1
|
|
# Note: `truncate` command is not present by default on macOS
|
|
dd bs=1 if="$tmpdir/insert_oversize.rom" of="$tmpdir/insert_fixed.rom" count="$INSERT_SIZE" 2>/dev/null || exit 1
|
|
|
|
# Patch size in NPDE
|
|
dd bs=1 if="$tmpdir/insert.rom" of="$tmpdir/insert_fixed.rom" skip=$((0x2)) seek=$((0x48)) count=1 conv=notrunc 2>/dev/null || exit 1
|
|
else
|
|
cp "$tmpdir/insert.rom" "$tmpdir/insert_fixed.rom" || exit 1
|
|
fi
|
|
|
|
# patch with vendor and device id from original GOP
|
|
dd bs=1 if="$tmpdir/original_last_part.rom" of="$tmpdir/insert_fixed.rom" skip=$((0x20)) seek=$((0x20)) count=4 conv=notrunc 2>/dev/null || exit 1
|
|
|
|
if [ "$NVIDIA" -eq 1 ] && [ "$NpdeSize" -ne 0 ] ; then
|
|
# Patch EFI image offset in PCIR
|
|
dd bs=1 if="$tmpdir/original_last_part.rom" of="$tmpdir/insert_fixed.rom" skip=$((0x16)) seek=$((0x16)) count=1 conv=notrunc 2>/dev/null || exit 1
|
|
|
|
# Patch end marker in NPDE in fixed ROM (leave PCIR correct and EFI extractable from fixed ROM)
|
|
echo -n -e '\x00' | dd bs=1 of="$tmpdir/insert_fixed.rom" seek=$((0x4A)) conv=notrunc 2>/dev/null || exit 1
|
|
fi
|
|
|
|
echo "Combining..."
|
|
cat "$tmpdir/original_first_part.rom" "$tmpdir/insert_fixed.rom" "$tmpdir/original_last_part.rom" > "$tmpdir/combined.rom" || exit 1
|
|
|
|
# If new ROM is larger than truncate size, determine overflow by seeing
|
|
# whether truncated ROM still has padding.
|
|
# For Nvidia we would need to parse and navigate NVGI and NPDE headers
|
|
# to calculate true occupied VBIOS space. To calcuate AMD occupation below
|
|
# 128KB limit, we could navigate normal PCI expansion ROM headers.
|
|
COMBINED_SIZE=$(stat -f%z "$tmpdir/combined.rom") || exit 1
|
|
if [ "$COMBINED_SIZE" -le "$(($TRUNCATE_SIZE))" ] ; then
|
|
TRUNCATE=0
|
|
fi
|
|
if [ "$TRUNCATE" -eq 1 ] ; then
|
|
echo "Truncating to original size..."
|
|
|
|
dd bs=1 if="$tmpdir/combined.rom" of="$tmpdir/truncated.rom" count="$TRUNCATE_SIZE" 2>/dev/null || exit 1
|
|
|
|
COUNT=$(hexdump -v -e '1/8 " %016X\n"' "$tmpdir/truncated.rom" | tail -n 8 | grep "FFFFFFFFFFFFFFFF" | wc -l)
|
|
if [ "$COUNT" -ne 8 ] ; then
|
|
# Some Nvidia ROMs, at least, incorrectly have 00000000 padding after active contents
|
|
# (it is incorrect, since writing only active contents using nvflash resets the rest to ffffffff).
|
|
# May also be relevant if we ever have any truly 00000000 default ROM images.
|
|
COUNT=$(hexdump -v -e '1/8 " %016X\n"' "$tmpdir/truncated.rom" | tail -n 8 | grep "0000000000000000" | wc -l)
|
|
fi
|
|
|
|
if [ "$COUNT" -ne 8 ] ; then
|
|
echo " - Not enough space within $((TRUNCATE_SIZE / 1024))k limit - aborting!" && exit 1
|
|
fi
|
|
|
|
if [ "$AMD" -eq 1 ] ; then
|
|
cat "$tmpdir/truncated.rom" "$tmpdir/keep_part.rom" > "$OUT_FILE" || exit 1
|
|
else
|
|
cp "$tmpdir/truncated.rom" "$OUT_FILE" || exit 1
|
|
fi
|
|
else
|
|
cp "$tmpdir/combined.rom" "$OUT_FILE" || exit 1
|
|
fi
|
|
|
|
# patch end marker in PCIR in out file
|
|
echo -n -e '\x00' | dd bs=1 of="$OUT_FILE" seek=$(($GOP_OFFSET + 0x31)) conv=notrunc 2>/dev/null || exit 1
|
|
|
|
printf "Verifying (starting at 0x%X)...\n" "$GOP_OFFSET"
|
|
dd bs=1 if="$OUT_FILE" of="$tmpdir/out_efi_part.rom" skip=$(($GOP_OFFSET)) 2>/dev/null || exit 1
|
|
# UEFIRomExtract error messages are on stdout, so we cannot suppress unwanted normal output here
|
|
UEFIRomExtract "$tmpdir/out_efi_part.rom" "$tmpdir/extracted.efi" || exit 1
|
|
ERROR=0
|
|
diff "$tmpdir/extracted.efi" "$EFI_FILE" 1>/dev/null || ERROR=1
|
|
|
|
if [ "$ERROR" -ne 0 ] ; then
|
|
echo " - Failure comparing extracted EFI to original!"
|
|
fi
|
|
|
|
OLD_EFI_COUNT=$(EfiRom -d "$tmpdir/original_last_part.rom" | grep "0x0EF1" | wc -l) || exit 1
|
|
OLD_EFI_COUNT=$(($OLD_EFI_COUNT)) || exit 1
|
|
|
|
NEW_EFI_COUNT=$(EfiRom -d "$tmpdir/out_efi_part.rom" | grep "0x0EF1" | wc -l) || exit 1
|
|
NEW_EFI_COUNT=$(($NEW_EFI_COUNT)) || exit 1
|
|
|
|
if [ "$NEW_EFI_COUNT" -ne $(($OLD_EFI_COUNT + 1)) ] ; then
|
|
echo " - ${OLD_EFI_COUNT} EFI parts in original ROM, and detected ${NEW_EFI_COUNT} EFI parts in modified ROM, expected $(($OLD_EFI_COUNT + 1))!"
|
|
ERROR=1
|
|
fi
|
|
|
|
if [ "$ERROR" -eq 0 ] ; then
|
|
echo "SUCCESS."
|
|
else
|
|
echo "*** WARNING - FAIL ***"
|
|
fi
|
|
|
|
if [ "$TEMP_DIR" = "" ] ; then
|
|
rm -rf "$tmpdir" || exit 1
|
|
fi
|
|
|
|
echo "Done."
|