2018-01-15 02:37:17 +00:00
fwtool_check_signature( ) {
[ $# -gt 1 ] && return 1
[ ! -x /usr/bin/ucert ] && {
if [ " $REQUIRE_IMAGE_SIGNATURE " = 1 ] ; then
return 1
else
return 0
fi
}
2019-02-09 13:34:12 +00:00
if ! fwtool -q -s /tmp/sysupgrade.ucert " $1 " ; then
2020-11-03 08:22:58 +00:00
v "Image signature not present"
2018-01-15 02:37:17 +00:00
[ " $REQUIRE_IMAGE_SIGNATURE " = 1 -a " $FORCE " != 1 ] && {
2020-11-03 06:15:35 +00:00
v "Use sysupgrade -F to override this check when downgrading or flashing to vendor firmware"
2018-01-15 02:37:17 +00:00
}
[ " $REQUIRE_IMAGE_SIGNATURE " = 1 ] && return 1
return 0
fi
2019-02-12 15:37:30 +00:00
fwtool -q -T -s /dev/null " $1 " | \
ucert -V -m - -c "/tmp/sysupgrade.ucert" -P /etc/opkg/keys
2018-01-15 02:37:17 +00:00
return $?
}
2016-11-14 16:30:51 +00:00
fwtool_check_image( ) {
[ $# -gt 1 ] && return 1
. /usr/share/libubox/jshn.sh
2018-12-02 15:05:40 +00:00
if ! fwtool -q -i /tmp/sysupgrade.meta " $1 " ; then
2020-11-03 08:22:58 +00:00
v "Image metadata not present"
2016-11-26 17:43:59 +00:00
[ " $REQUIRE_IMAGE_METADATA " = 1 -a " $FORCE " != 1 ] && {
2020-11-03 06:15:35 +00:00
v "Use sysupgrade -F to override this check when downgrading or flashing to vendor firmware"
2016-11-26 17:43:59 +00:00
}
2016-11-14 16:30:51 +00:00
[ " $REQUIRE_IMAGE_METADATA " = 1 ] && return 1
return 0
fi
json_load " $( cat /tmp/sysupgrade.meta) " || {
2020-11-03 06:15:35 +00:00
v "Invalid image metadata"
2016-11-14 16:30:51 +00:00
return 1
}
device = " $( cat /tmp/sysinfo/board_name) "
base-files: fwtool: implement compatibility check for images
We regularly encounter the situation that devices are subject to
changes that will make them incompatible to previous versions.
Removing SUPPORTED_DEVICES will not really be helpful in most of these
cases, as this only helps after a rename.
To solve this situation, this patchset introduces a compatibility
version for devices. In this patch, the actual checks are implemented
into fwtool_check_image():
If an incompatible change is introduced, one can increase either
the minor version (1.0->1.1) or the major version (1.0->2.0).
Minor version increment:
This will still allow sysupgrade, but require to reset config
(-n or SAVE_CONFIG=0). If sysupgrade is called without -n, a
corresponding message will be printed. If sysupgrade is called
with -n, it will just pass, with supported devices being checked
as usual. (Which will allow us to add back SUPPORTED_DEVICES for
many cases.)
Major version increment:
This is meant for potential (rare) cases where sysupgrade is
not possible at all, because it would break the device.
In this case, a warning will be printed, and -n won't help.
If image check fails because of one of the versions parts not
matching, the content of DEVICE_COMPAT_MESSAGE is printed in
addition to the generic message (if set).
For both cases, upgrade can still be forced with -F as usual.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-09 17:34:09 +00:00
devicecompat = " $( uci -q get system.@system[ 0] .compat_version) "
[ -n " $devicecompat " ] || devicecompat = "1.0"
json_get_var imagecompat compat_version
json_get_var compatmessage compat_message
[ -n " $imagecompat " ] || imagecompat = "1.0"
2016-11-14 16:30:51 +00:00
base-files: fwtool: make compat_version backward compatible
So far, the compatibility mechanism only works if both device and
image are already updated to the new routines. This patch extends
the sysupgrade metadata and fwtool_check_image() to account for
"older" images as well:
The basic mechanism for older devices to check for image compatibility
is the supported_devices entry. This can be exploited by putting
a custom message into this variable of the metadata, so older FW
will produce a mismatch and print the message as it thinks it's the
list of supported devices. So, we have two cases:
device 1.0, image 1.0:
The metadata will just contain supported_devices as before.
device 1.0, image 1.1:
The metadata will contain:
"new_supported_devices":["device_string1", "device_string2", ...],
"supported_devices":["Image version 1.1 incompatible to device: ..."]
If the device is "legacy", i.e. does not have the updated fwtool.sh,
it will just fail with image check and print the content of
supported_devices. If DEVICE_COMPAT_MESSAGE is set, this will be
printed on old devices as well through the same mechanism. Otherwise
a generic "Please check documentation ..." is appended.
Upgrade can still be performed with -F like when
SUPPORTED_DEVICES has been removed to prevent bricking.
If the device has updated fwtool.sh (but is 1.0), it will just use
the new_supported_devices instead, and work as intended (flashing
with -n will work, flashing without will print the appropriate
warning).
This mechanism should provide a fair tradeoff between simplicity
and functionality.
Since we touched a lot of fields in metadata, this also bumps
metadata_version to 1.1.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-09 17:46:44 +00:00
# select correct supported list based on compat_version
# (using this ensures that compatibility check works for devices
# not knowing about compat-version)
local supported = supported_devices
[ " $imagecompat " != "1.0" ] && supported = new_supported_devices
json_select $supported || return 1
2016-11-14 16:30:51 +00:00
json_get_keys dev_keys
for k in $dev_keys ; do
json_get_var dev " $k "
base-files: fwtool: implement compatibility check for images
We regularly encounter the situation that devices are subject to
changes that will make them incompatible to previous versions.
Removing SUPPORTED_DEVICES will not really be helpful in most of these
cases, as this only helps after a rename.
To solve this situation, this patchset introduces a compatibility
version for devices. In this patch, the actual checks are implemented
into fwtool_check_image():
If an incompatible change is introduced, one can increase either
the minor version (1.0->1.1) or the major version (1.0->2.0).
Minor version increment:
This will still allow sysupgrade, but require to reset config
(-n or SAVE_CONFIG=0). If sysupgrade is called without -n, a
corresponding message will be printed. If sysupgrade is called
with -n, it will just pass, with supported devices being checked
as usual. (Which will allow us to add back SUPPORTED_DEVICES for
many cases.)
Major version increment:
This is meant for potential (rare) cases where sysupgrade is
not possible at all, because it would break the device.
In this case, a warning will be printed, and -n won't help.
If image check fails because of one of the versions parts not
matching, the content of DEVICE_COMPAT_MESSAGE is printed in
addition to the generic message (if set).
For both cases, upgrade can still be forced with -F as usual.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-09 17:34:09 +00:00
if [ " $dev " = " $device " ] ; then
# major compat version -> no sysupgrade
if [ " ${ devicecompat %.* } " != " ${ imagecompat %.* } " ] ; then
2020-11-03 06:15:35 +00:00
v " The device is supported, but this image is incompatible for sysupgrade based on the image version ( $devicecompat -> $imagecompat ). "
[ -n " $compatmessage " ] && v " $compatmessage "
base-files: fwtool: implement compatibility check for images
We regularly encounter the situation that devices are subject to
changes that will make them incompatible to previous versions.
Removing SUPPORTED_DEVICES will not really be helpful in most of these
cases, as this only helps after a rename.
To solve this situation, this patchset introduces a compatibility
version for devices. In this patch, the actual checks are implemented
into fwtool_check_image():
If an incompatible change is introduced, one can increase either
the minor version (1.0->1.1) or the major version (1.0->2.0).
Minor version increment:
This will still allow sysupgrade, but require to reset config
(-n or SAVE_CONFIG=0). If sysupgrade is called without -n, a
corresponding message will be printed. If sysupgrade is called
with -n, it will just pass, with supported devices being checked
as usual. (Which will allow us to add back SUPPORTED_DEVICES for
many cases.)
Major version increment:
This is meant for potential (rare) cases where sysupgrade is
not possible at all, because it would break the device.
In this case, a warning will be printed, and -n won't help.
If image check fails because of one of the versions parts not
matching, the content of DEVICE_COMPAT_MESSAGE is printed in
addition to the generic message (if set).
For both cases, upgrade can still be forced with -F as usual.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-09 17:34:09 +00:00
return 1
fi
# minor compat version -> sysupgrade with -n required
if [ " ${ devicecompat #.* } " != " ${ imagecompat #.* } " ] && [ " $SAVE_CONFIG " = "1" ] ; then
2020-11-03 06:15:35 +00:00
v " The device is supported, but the config is incompatible to the new image ( $devicecompat -> $imagecompat ). Please upgrade without keeping config (sysupgrade -n). "
[ -n " $compatmessage " ] && v " $compatmessage "
base-files: fwtool: implement compatibility check for images
We regularly encounter the situation that devices are subject to
changes that will make them incompatible to previous versions.
Removing SUPPORTED_DEVICES will not really be helpful in most of these
cases, as this only helps after a rename.
To solve this situation, this patchset introduces a compatibility
version for devices. In this patch, the actual checks are implemented
into fwtool_check_image():
If an incompatible change is introduced, one can increase either
the minor version (1.0->1.1) or the major version (1.0->2.0).
Minor version increment:
This will still allow sysupgrade, but require to reset config
(-n or SAVE_CONFIG=0). If sysupgrade is called without -n, a
corresponding message will be printed. If sysupgrade is called
with -n, it will just pass, with supported devices being checked
as usual. (Which will allow us to add back SUPPORTED_DEVICES for
many cases.)
Major version increment:
This is meant for potential (rare) cases where sysupgrade is
not possible at all, because it would break the device.
In this case, a warning will be printed, and -n won't help.
If image check fails because of one of the versions parts not
matching, the content of DEVICE_COMPAT_MESSAGE is printed in
addition to the generic message (if set).
For both cases, upgrade can still be forced with -F as usual.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-09 17:34:09 +00:00
return 1
fi
return 0
fi
2016-11-14 16:30:51 +00:00
done
2020-11-03 06:15:35 +00:00
v " Device $device not supported by this image "
vn "Supported devices:"
2016-11-14 16:30:51 +00:00
for k in $dev_keys ; do
json_get_var dev " $k "
2020-11-03 06:15:35 +00:00
_vn " $dev "
2016-11-14 16:30:51 +00:00
done
2020-11-03 06:15:35 +00:00
_v
2016-11-14 16:30:51 +00:00
return 1
}