tl;dr the bash builtin type is handy for troubleshooting large messy bash things. UEFI vulnerabilities have been coming up a lot lately. At a recent InfoSec conference that I attended, one speaker remarked that the state of the code is bad and that “electrical engineers should not be writing code”. That’s quite an uncharitable comment, but looking at the state of the EDK2 source code by way of CloverGrower I’ve experienced some of that pain first-hand, in the state of the build scripts. The build command was failing and I managed to track it down to this segment in ./edk2/Clover/ebuild.sh:
echo echo "Running edk2 build for Clover$TARGETARCH using the command:" echo "$cmd" echo eval "$cmd"
From terminal output we know that cmd is:
build -p Clover/Clover.dsc -a X64 -b RELEASE -t GCC47 -n 9
Now the question is, what exactly is “build”? The script has one “source” command:
source edksetup.sh BaseTools
I now know that this ends up calling ./edk2/BaseTools/BuildEnv and stuff, but really I’m just trying to locate what “build” function is being called and surely there must be some way to find that out quickly. That’s where the bash type command comes in. Placing it just before the eval:
echo echo "Running edk2 build for Clover$TARGETARCH using the command:" echo "$cmd" echo type build eval "$cmd"
… reveals the following:
build is /Users/tramdas/repos/Clover/edk2/BaseTools/BinWrappers/PosixLike/build
That’s all I needed. Much more efficient than untangling the web of source commands.