Browse Source

Add update-shell and update framework.

also added some simple scripts to demo updates
tags/alpha-Talos-II
Jonathan Currier 2 years ago
parent
commit
23ce9c2ac9
16 changed files with 277 additions and 23 deletions
  1. +1
    -0
      Config.in
  2. BIN
     
  3. BIN
     
  4. +9
    -4
      board/bangBMC/blackbird.dts
  5. +31
    -0
      board/bangBMC/bmc-host-link-local-howto
  6. +35
    -0
      board/bangBMC/fakeroot-fs.sh
  7. +100
    -0
      board/bangBMC/gen-simple-update
  8. +3
    -8
      board/bangBMC/linux-mod.config
  9. +14
    -0
      board/bangBMC/overlay/etc/local.d/usb-ecm.start
  10. +1
    -0
      board/bangBMC/overlay/etc/udev/rules.d/20-bmc-host-eth.rules
  11. +3
    -0
      board/bangBMC/overlay/root/bin/bmc-host
  12. +9
    -4
      board/bangBMC/talos.dts
  13. +32
    -0
      board/bangBMC/update-install
  14. +5
    -7
      configs/blackbird-bmc_defconfig
  15. +7
    -0
      package/update-shell/Config.in
  16. +27
    -0
      package/update-shell/update-shell.mk

+ 1
- 0
Config.in View File

@@ -6,6 +6,7 @@ source "$BR2_EXTERNAL_bangBMC_PATH/package/pwr-button-gpio/Config.in"
source "$BR2_EXTERNAL_bangBMC_PATH/package/hiomapd/Config.in"
source "$BR2_EXTERNAL_bangBMC_PATH/package/ipmi-bt-miniroute/Config.in"
source "$BR2_EXTERNAL_bangBMC_PATH/package/op-fan-daemon/Config.in"
source "$BR2_EXTERNAL_bangBMC_PATH/package/update-shell/Config.in"

if BR2_PACKAGE_IPMI_BT_MINIROUTE
source "$BR2_EXTERNAL_bangBMC_PATH/package/ipmi-openpower-storage-time/Config.in"


BIN
View File


BIN
View File


+ 9
- 4
board/bangBMC/blackbird.dts View File

@@ -466,15 +466,20 @@
reg = <0x00 0x60000>;
};

kernel@80000 {
label = "kernel";
kernel_a@80000 {
label = "kernel_a";
reg = <0x80000 0x600000>;
};

rwfs@780000 {
rwfs@d80000 {
label = "rwfs";
reg = <0x780000 0x1880000>;
reg = <0xd80000 0x1280000>;
};

kernel_b@780000 {
label = "kernel_b";
reg = <0x780000 0x600000>;
};
};
};
};


+ 31
- 0
board/bangBMC/bmc-host-link-local-howto View File

@@ -0,0 +1,31 @@
Updating firmware via the ecm gadget's IPv6 address of bangBMC is simple.
The following example assume that 'usb0' is the name of the host's ecm side of
the gadet interface.

1) First you need to discover your ipv6ll address
run 'ip addr show dev usb0'
```
ip addr show dev usb0
8: usb0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 5e:2f:07:9c:7e:58 brd ff:ff:ff:ff:ff:ff
inet6 fe80::5c2f:7ff:fe9c:7e58/64 scope link
valid_lft forever preferred_lft forever
```
from this we can see the the host's address is 'fe80::5c2f:7ff:fe9c:7e58'


2) Next discover the BMC's address. To do that run a broadcast ping on the gadget device.

```
ping6 -c 2 -I usb0 ff02::1
64 bytes from fe80::5c2f:7ff:fe9c:7e58%usb0: icmp_seq=1 ttl=64 time=0.050 ms
64 bytes from fe80::54d9:9dff:fe81:b3fa%usb0: icmp_seq=1 ttl=64 time=1.06 ms (DUP!)
64 bytes from fe80::5c2f:7ff:fe9c:7e58%usb0: icmp_seq=2 ttl=64 time=0.025 ms
```
from this we can clearly see the BMC (which is the non-host entry) is fe80::54d9:9dff:fe81:b3fa


3) Finally send the update:
```
scp /tmp/update.tar update@\[fe80::54d9:9dff:fe81:b3fa%usb0\]:
```

+ 35
- 0
board/bangBMC/fakeroot-fs.sh View File

@@ -9,6 +9,7 @@ BOARD_DIR=${BR2_EXTERNAL_bangBMC_PATH}/board/bangBMC
shift 1
. ${BOARD_DIR}/script-support.frag.sh

[ -z "${TARGET_DIR}"] && echo "empty target dir" && exit 1

echo "disabling undesirable init scripts"

@@ -34,3 +35,37 @@ for drop in $(find ${TARGET_DIR}/etc/init.d ${TARGET_DIR}/etc/runlevels) ; do
[ -z "$(echo ${blacklisted_init_scripts} | grep ${bn})" ] && continue
rm -v ${drop}
done

blacklisted_gpgp_files="gpgrt-config \
gpg-error \
gpg \
gpgsm \
gpg-agent \
gpgconf \
gpg-connect-agent \
gpgparsemail \
gpg-wks-server \
gpgtar \
gpgscm \
gpg-error \
gpg-error.asd \
gpg-error-package.lisp \
gpg-error.lisp \
gpg-error-codes.lisp \
gpg-protect-tool \
gpg-preset-passphrase \
gpg-wks-client \
libksba.so* \
libnpth.so* \
libassuan.so* \
dirmngr* \
\
ksba-config \
npth-config \
addgnupghome \
applygnupgdefaults \
"

for nongpg in ${blacklisted_gpgp_files} ; do
rm -rf $(find ${TARGET_DIR} -name ${nongpg})
done

+ 100
- 0
board/bangBMC/gen-simple-update View File

@@ -0,0 +1,100 @@
#!/bin/sh
set -e

TEMP=$(getopt -o "" --long \
'buildroot-base:,external:,keyring:,output-name:,help,debug' -n "$0" -- "$@")
if [ $? -ne 0 ] ; then
echo "Error parsing arguments"
exit 1
fi

eval set -- "${TEMP}"
unset TEMP

usage() {
echo -e "\
usage $0 --buildroot-base \${buildroot-O-path} --output-name /tmp/dev-sqfs \
--addition-tree \${addon_tree}
--buildroot-base (required) Buildroot output directory. Same as the value given for
make O=\${some-dir} when making the buildroot.
--output-name (optional) path and file name to give the output update image.
Defaults to \${buildroot-base}/images/update.tar
--external (required) Base of the external buildroot tree.
--keyring (optional) gpg keyring to use.
(WARNING: will default to dev keyring)
--help Prints this message
--debug runs 'set -x' in the script.
"
exit 0;
}

# do not resolve the base_dir just yet.
# Setting this, without resolving it allows optionally change output_name
output_name='${base_dir}/images/update.tar'
keyring='${external_dir}/board/bangBMC/bangBMC-signingring.gpg'
while true; do
case "$1" in
'--buildroot-base')
base_dir="$2"
shift 2;
;;
'--output-name')
output_name="$2"
shift 2;
;;
'--external')
external_dir="$2"
shift 2;
;;
'--keyring')
keyring="$2"
shift 2;
;;
'--help')
usage
break
;;
'--debug')
set -x
shift
;;
--)
break
;;
*)
echo "Invalid argument $1"
exit 1;
;;
esac
done

# This causes output_name to be expanded.
# If it's not supplied then it will be relative to the supplied
# base_dir.
eval output_name="${output_name}"
eval keyring="${keyring}"

if [ -z "${base_dir}" ] ; then
echo "Error: buildroot-base not specified" >&2
exit 1
fi

if [ -z "${external_dir}" ] ; then
echo "Error: external tree not specified" >&2
exit 1
fi

if [ ! -d ${base_dir}/images ] ; then
echo "Error image directory in \"${base_dir}\" does not exist." >&2
exit 1
fi

work_dir=$(mktemp -d)
cp ${base_dir}/images/uboot-fit.img ${work_dir}/kernel.fit
cp ${external_dir}/board/bangBMC/update-install ${work_dir}
tar -cJf ${work_dir}/update.tar.xz -C ${work_dir} kernel.fit update-install
gpg --no-default-keyring --keyring=${keyring} -b ${work_dir}/update.tar.xz
tar -cf ${work_dir}/update.tar -C ${work_dir} update.tar.xz update.tar.xz.sig
cp ${work_dir}/update.tar ${output_name}

rm -rf ${work_dir}

+ 3
- 8
board/bangBMC/linux-mod.config View File

@@ -124,7 +124,6 @@ CONFIG_FTGMAC100=y
# CONFIG_NET_VENDOR_WIZNET is not set
CONFIG_BROADCOM_PHY=y
CONFIG_REALTEK_PHY=y
# CONFIG_USB_NET_DRIVERS is not set
# CONFIG_WLAN is not set
# CONFIG_INPUT_LEDS is not set
CONFIG_INPUT_EVDEV=y
@@ -183,18 +182,14 @@ CONFIG_V4L_PLATFORM_DRIVERS=y
CONFIG_VIDEO_ASPEED=y
CONFIG_DRM=y
CONFIG_DRM_ASPEED_GFX=y
CONFIG_USB=y
CONFIG_USB_ANNOUNCE_NEW_DEVICES=y
CONFIG_USB_DYNAMIC_MINORS=y
CONFIG_USB_EHCI_HCD=y
CONFIG_USB_EHCI_ROOT_HUB_TT=y
CONFIG_USB_EHCI_HCD_PLATFORM=y
CONFIG_USB_GADGET=y
CONFIG_USB_ASPEED_VHUB=y
CONFIG_USB_CONFIGFS=y
CONFIG_USB_CONFIGFS_ACM=y
CONFIG_USB_CONFIGFS_ECM=y
CONFIG_USB_CONFIGFS_MASS_STORAGE=y
CONFIG_USB_CONFIGFS_F_FS=y
CONFIG_USB_CONFIGFS_F_HID=y
CONFIG_USB_MASS_STORAGE=y
CONFIG_NEW_LEDS=y
CONFIG_LEDS_CLASS=y
CONFIG_LEDS_CLASS_FLASH=y


+ 14
- 0
board/bangBMC/overlay/etc/local.d/usb-ecm.start View File

@@ -0,0 +1,14 @@
#!/bin/sh
# simply sets up an ecm gadget
set -x
mount -t configfs config /config
cd /config/usb_gadget/
mkdir g0
cd g0/functions/
mkdir ecm.0
cd ../configs/
mkdir c.1
cd c.1/
ln -s ../../functions/ecm.0/
cd ../../
echo '1e6a0000.usb-vhub:p1' >UDC

+ 1
- 0
board/bangBMC/overlay/etc/udev/rules.d/20-bmc-host-eth.rules View File

@@ -0,0 +1 @@
SUBSYSTEM=="net", KERNELS=="gadget", NAME="bmc-host0", RUN+="/root/bin/bmc-host"

+ 3
- 0
board/bangBMC/overlay/root/bin/bmc-host View File

@@ -0,0 +1,3 @@
#!/bin/sh
ip link set dev bmc-host0 up
udhcpc -b -i bmc-host0 &

+ 9
- 4
board/bangBMC/talos.dts View File

@@ -428,15 +428,20 @@
reg = <0x00 0x60000>;
};

kernel@80000 {
label = "kernel";
kernel_a@80000 {
label = "kernel_a";
reg = <0x80000 0x600000>;
};

rwfs@780000 {
rwfs@d80000 {
label = "rwfs";
reg = <0x780000 0x1880000>;
reg = <0xd80000 0x1280000>;
};

kernel_b@780000 {
label = "kernel_b";
reg = <0x780000 0x600000>;
};
};
};
};


+ 32
- 0
board/bangBMC/update-install View File

@@ -0,0 +1,32 @@
#!/bin/sh
# this is a sample/working install script.
# it may or may not fit your needs
# updates only have stderr to output to.
# stdout is reserved for communicating with scp
exec 1>&2
echo "performing simple install"
flash_target=/dev/block/mtd/kernel_a
if [ -e '/dev/block/mtd/kernel' ] ; then
echo "Refusing to install to system with old partition layout"
exit 1
fi

if [ ! -e "${flash_target}" ] ; then
echo "ERROR: unable to location installation partition, exiting"
exit 1
fi

# erase the flash device
# I don't remember what the exact erase block size is, but I am pretty sure
# it's not more than 64K
# I have seen issues with dd-ing to mtd block devices. This seems to fix it.
# However I recommend people actually either know for sure this is needed,
# or include something like flash_cp and or flash_erase in their update tarball.
# (Including in the fs itself is no recommend since it'd be bloat that would only
# be used at update time)
dd if=/dev/zero bs=64K |tr '\0' '\xff' | dd bs=64K of=${flash_target}
dd if=./kernel.fit of=${flash_target} bs=64K

echo "installation finished (dd exit code $?)"
echo "rebooting"
reboot

+ 5
- 7
configs/blackbird-bmc_defconfig View File

@@ -11,7 +11,7 @@ BR2_TARGET_GENERIC_HOSTNAME="blackbird_bangbmc"
BR2_TARGET_GENERIC_ISSUE="Raptor/Blackbird !BMC"
BR2_INIT_OPENRC=y
BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV=y
BR2_TARGET_GENERIC_ROOT_PASSWD="password"
# BR2_TARGET_ENABLE_ROOT_LOGIN is not set
# BR2_TARGET_GENERIC_REMOUNT_ROOTFS_RW is not set
BR2_ENABLE_LOCALE_WHITELIST=""
BR2_ROOTFS_OVERLAY="$(BR2_EXTERNAL_bangBMC_PATH)/board/bangBMC/overlay"
@@ -25,23 +25,20 @@ BR2_LINUX_KERNEL_CUSTOM_TARBALL_LOCATION="https://git.raptorcs.com/git/blackbird
BR2_LINUX_KERNEL_USE_CUSTOM_CONFIG=y
BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE="$(BR2_EXTERNAL_bangBMC_PATH)/board/bangBMC/linux-mod.config"
BR2_LINUX_KERNEL_LZMA=y
BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL=y
BR2_LINUX_KERNEL_NEEDS_HOST_LIBELF=y
BR2_PACKAGE_LINUX_TOOLS_GPIO=y
BR2_PACKAGE_BUSYBOX_CONFIG="$(BR2_EXTERNAL_bangBMC_PATH)/board/bangBMC/busybox.config"
BR2_PACKAGE_BUSYBOX_SHOW_OTHERS=y
BR2_PACKAGE_KEXEC=y
BR2_PACKAGE_KEXEC_ZLIB=y
# BR2_PACKAGE_EUDEV_ENABLE_HWDB is not set
BR2_PACKAGE_PCIUTILS=y
BR2_PACKAGE_LIBGPIOD_TOOLS=y
BR2_PACKAGE_LIBPTHREAD_STUBS=y
BR2_PACKAGE_DROPBEAR=y
BR2_PACKAGE_DROPBEAR_DISABLE_REVERSEDNS=y
BR2_PACKAGE_UTIL_LINUX_LIBUUID=y
BR2_PACKAGE_GNUPG2=y
BR2_PACKAGE_GNUPG2_GPGV=y
BR2_TARGET_ROOTFS_CPIO=y
BR2_TARGET_ROOTFS_CPIO_LZMA=y
# BR2_TARGET_ROOTFS_TAR is not set
BR2_PACKAGE_HOST_MKPASSWD=y
BR2_PACKAGE_ATX_GPIO=y
BR2_PACKAGE_FSI_HOST_SBE=y
BR2_PACKAGE_IPL_MON=y
@@ -49,6 +46,7 @@ BR2_PACKAGE_PWR_BUTTON_GPIO=y
BR2_PACKAGE_HIOMAPD=y
BR2_PACKAGE_IPMI_BT_MINIROUTE=y
BR2_PACKAGE_OP_FAN_DAEMON=y
BR2_PACKAGE_UPDATE_SHELL=y
BR2_PACKAGE_IPMI_OPENPOWER_STORAGE_TIME=y
BR2_PACKAGE_IPMI_CHASSIS_CONTROL=y
BR2_PACKAGE_IPMI_GRPEXT_DCMI=y


+ 7
- 0
package/update-shell/Config.in View File

@@ -0,0 +1,7 @@

config BR2_PACKAGE_UPDATE_SHELL
bool "update-shell"
help
simple update mechanism. adds an update user. Any files scp'd to that
account are treated as updates (includes file validation, and signature
check).

+ 27
- 0
package/update-shell/update-shell.mk View File

@@ -0,0 +1,27 @@

UPDATE_SHELL_VERSION = 84f30f1794df18e6b7d400fd419ddd18530e3f34
UPDATE_SHELL_SITE = https://git.anastas.io/dormito/update-shell.git
UPDATE_SHELL_SITE_METHOD = git
UPDATE_SHELL_INSTALL_TARGET = YES
UPDATE_SHELL_AUTORECONF = YES
UPDATE_SHELL_DEPENDENCIES = host-pkgconf


define UPDATE_SHELL_USERS
update -1 update -1 * /usr/libexec/update /usr/bin/update-shell - user account for performing system updates
endef

# update-su is only executable
# by root(but it will refuse to run) and by members
# of the update group.
define UPDATE_SHELL_PERMISSIONS
/usr/bin/update-su f 4750 0 update - - - - -
endef

define UPDATE_SHELL_ADD_MKSH_TO_SHELLS
echo "/usr/bin/update-shell" >> $(TARGET_DIR)/etc/shells
endef

UPDATE_SHELL_TARGET_FINALIZE_HOOKS += UPDATE_SHELL_ADD_MKSH_TO_SHELLS

$(eval $(autotools-package))

Loading…
Cancel
Save