Digi
/
meta-digi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

recovery init: check the update package before setting a key and/or formatting 

The recovery init checks if the configured update package exists and it is valid
before setting a new key and/or formatting the rootfs partition.

This change avoids getting non-booting devices after performing a firmware
update with a non-existing or invalid update package.

https://jira.digi.com/browse/DEL-3959

Signed-off-by: Tatiana Leon <tatiana.leon@digi.com>
This commit is contained in:
Tatiana Leon 2017-04-07 21:05:31 +02:00
parent ff82ecdf87
commit 15214a198e
1 changed files with 72 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

111
meta-digi-dey/recipes-core/recovery/recovery-initramfs/recovery-initramfs-init
View File

@ -254,21 +254,56 @@ format_emmc_block() {
# #
# Get absolute path of update package searching in local media # Get absolute path of update package searching in local media
# #
# @param ${1} - SWU package name # @param ${1} - SWU package
#------------------------------------------------------------------------------ #------------------------------------------------------------------------------
swu_package_path() { swu_package_path() {
for i in ${UPDATE_MOUNT_DIR} $(echo ${USB_MOUNT_DIR}/*); do # Check whether the package is local and get the absolute path.
echo $i | grep -qs "${USB_MOUNT_DIR}/\*" && continue if echo "${1}" | grep -qs '^file://'; then
if [ -f "${i}/${1}" ]; then local pkg_name="$(basename ${1})"
swu_abspath="${i}/${1}"
break
fi
done
if [ -n "${swu_abspath}" ]; then for i in ${UPDATE_MOUNT_DIR} $(echo ${USB_MOUNT_DIR}/*); do
echo "${swu_abspath}" echo $i | grep -qs "${USB_MOUNT_DIR}/\*" && continue
if [ -f "${i}/${pkg_name}" ]; then
swu_abspath="${i}/${pkg_name}"
break
fi
done
if [ -n "${swu_abspath}" ]; then
echo "${swu_abspath}"
else
quit_with_error "Unable to find update package '${pkg_name}'"
fi
else else
quit_with_error "Unable to find update package '${1}'" echo "${1}"
fi
}
#------------------------------------------------------------------------------
# Function - check_swu_package
#
# Check if the update package is a valid one and get its absolute path
#
# @param ${1} - SWU package
#------------------------------------------------------------------------------
check_swu_package() {
log "Checking update package '$(basename ${1})'"
if [ -z "${1}" ]; then
quit_with_error "Firmware update package not specified"
fi
update_package="$(swu_package_path ${1})"
# Check software update package.
if [ -f "${PUBLIC_KEY}" ]; then
swupdate -c -i "${update_package}" -k "${PUBLIC_KEY}"
else
swupdate -c -i "${update_package}"
fi
if [ "$?" != "0" ]; then
quit_with_error "Invalid update package '$(basename ${1})'"
fi fi
} }
@ -395,11 +430,17 @@ for arg in ${COMMAND}; do
esac esac
done done
# Sanity checks.
if [ -n "${update_package_bool}" ]; then
check_swu_package "${update_package}"
fi
# Check if encryption key command is configured. # Check if encryption key command is configured.
if [ -n "${encryption_key_bool}" ]; then if [ -n "${encryption_key_bool}" ]; then
log "Trustfence encryption key setup requested (new key: ${encryption_key:-random})" log "Trustfence encryption key setup requested (new key: ${encryption_key:-random})"
psplash_message "Configuring new encryption key..." psplash_message "Configuring new encryption key..."
psplash_progress "0" psplash_progress "0"
trustfence-tool "--newkey${encryption_key:+=${encryption_key}}" trustfence-tool "--newkey${encryption_key:+=${encryption_key}}"
if [ "$?" = "0" ]; then if [ "$?" = "0" ]; then
psplash_progress "10" psplash_progress "10"
@ -425,35 +466,27 @@ if [ -n "${update_package_bool}" ]; then
log "Firmware update requested" log "Firmware update requested"
psplash_message "Updating firmware..." psplash_message "Updating firmware..."
psplash_progress "0" psplash_progress "0"
if [ -z "${update_package}" ]; then
quit_with_error "Firmware update package not specified" # Format the UBI volume before updating.
if [ "$(is_nand)" = "yes" ]; then
psplash_message "Formatting rootfs partition..."
format_ubi_volume rootfs
psplash_progress "0"
fi
log "Update package location: ${update_package}"
# Execute the progress binary.
progress -wp &
# Execute the software update.
if [ -f "${PUBLIC_KEY}" ]; then
swupdate -f "${SW_CONFIG}" -i "${update_package}" -k "${PUBLIC_KEY}"
else else
# Format the UBI volume before updating. swupdate -f "${SW_CONFIG}" -i "${update_package}"
if [ "$(is_nand)" = "yes" ]; then fi
psplash_message "Formatting rootfs partition..." if [ "$?" = "0" ]; then
format_ubi_volume rootfs log "Firmware update process succeed!"
psplash_progress "0" else
fi quit_with_error "Error executing the firmware update"
# Check whether the package is local and get the absolute path
if echo "${update_package}" | grep -qs '^file://'; then
update_package="$(swu_package_path $(basename ${update_package}))"
fi
log "Update package location: ${update_package}"
# Execute the progress binary.
progress -wp &
# Execute the software update.
if [ -f "${PUBLIC_KEY}" ]; then
swupdate -f "${SW_CONFIG}" -i "${update_package}" -k "${PUBLIC_KEY}"
else
swupdate -f "${SW_CONFIG}" -i "${update_package}"
fi
if [ "$?" = "0" ]; then
log "Firmware update process succeed!"
else
quit_with_error "Error executing the firmware update"
fi
fi fi
fi fi